my.exnessaffiliates.com Open in urlscan Pro
107.154.192.37 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://my.exnessaffiliates.com/
Effective URL:
https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F
Submission: On September 03 via manual (September 3rd 2023, 2:20:08 pm UTC) from JO — Scanned from DE

Summary HTTP 80 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 18 domains to perform 80 HTTP transactions. The main IP is 107.154.192.37, located in United States and belongs to INCAPSULA, US. The main domain is my.exnessaffiliates.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 9th 2023. Valid for: a year.

This is the only time my.exnessaffiliates.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 10	107.154.192.37 107.154.192.37	19551 (INCAPSULA) (INCAPSULA)
16	91.235.133.115 91.235.133.115	30286 (THM) (THM)
6	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	161.71.0.38 161.71.0.38	14340 (SALESFORCE) (SALESFORCE)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
5	2a00:1450:400... 2a00:1450:4001:80e::2014	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:1a00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.47.42.134 52.47.42.134	16509 (AMAZON-02) (AMAZON-02)
2 4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	35.162.1.143 35.162.1.143	16509 (AMAZON-02) (AMAZON-02)
1 4	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
80	23

10 107.154.192.37 (United States) 2 redirects

ASN19551 (INCAPSULA, US)
PTR: 107.154.192.37.ip.incapdns.net

my.exnessaffiliates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 91.235.133.115 (United States)

ASN30286 (THM, US)

ex.exnessstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.2.132 (United States)

ASN54113 (FASTLY, US)

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 161.71.0.38 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl1-ncg0-lhr3.um4-lo2.force.com

myexness.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

11608044.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

gtm-n24g3w7-otgwz.uc.r.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:1a00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.47.42.134 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-47-42-134.eu-west-3.compute.amazonaws.com

exness.my.salesforce-scrt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.162.1.143 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-1-143.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.235.132.130 (United States) 1 redirects

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

7hs48cp7c3kkmdhmey24bsnymkcvv73xbhnx4lrjf75f5a77670e48eaam1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	exnessstats.com ex.exnessstats.com — Cisco Umbrella Rank: 439131	170 KB
10	amplitude.com api.lab.amplitude.com — Cisco Umbrella Rank: 4589 api2.amplitude.com — Cisco Umbrella Rank: 1374	1 KB
10	exnessaffiliates.com 2 redirects my.exnessaffiliates.com	1 MB
8	google.de www.google.de — Cisco Umbrella Rank: 6457 adservice.google.de — Cisco Umbrella Rank: 13774	1 KB
8	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3238 adservice.google.com — Cisco Umbrella Rank: 105	2 KB
7	doubleclick.net 3 redirects 11608044.fls.doubleclick.net — Cisco Umbrella Rank: 192390 stats.g.doubleclick.net — Cisco Umbrella Rank: 87 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	3 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	84 KB
5	online-metrix.net 1 redirects h.online-metrix.net — Cisco Umbrella Rank: 2841 7hs48cp7c3kkmdhmey24bsnymkcvv73xbhnx4lrjf75f5a77670e48eaam1.e.aa.online-metrix.net	17 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 365 www.linkedin.com — Cisco Umbrella Rank: 625 px4.ads.linkedin.com — Cisco Umbrella Rank: 6371	5 KB
5	appspot.com gtm-n24g3w7-otgwz.uc.r.appspot.com — Cisco Umbrella Rank: 188881	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	224 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 760	6 KB
2	force.com myexness.force.com — Cisco Umbrella Rank: 247513	13 KB
1	salesforce-scrt.com exness.my.salesforce-scrt.com — Cisco Umbrella Rank: 272128	14 KB
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 881	375 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 742	722 B
1	t.co t.co — Cisco Umbrella Rank: 577	377 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 758	15 KB
80	18

	Domain	Requested by
16	ex.exnessstats.com	my.exnessaffiliates.com ex.exnessstats.com
10	my.exnessaffiliates.com	2 redirects my.exnessaffiliates.com
7	www.google.de	my.exnessaffiliates.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com my.exnessaffiliates.com
6	api.lab.amplitude.com	my.exnessaffiliates.com
5	gtm-n24g3w7-otgwz.uc.r.appspot.com	www.googletagmanager.com my.exnessaffiliates.com
4	h.online-metrix.net	1 redirects ex.exnessstats.com
4	api2.amplitude.com	my.exnessaffiliates.com
4	www.google.com	2 redirects my.exnessaffiliates.com
3	region1.analytics.google.com	www.googletagmanager.com
3	px.ads.linkedin.com	3 redirects
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	www.googletagmanager.com	my.exnessaffiliates.com www.googletagmanager.com
2	googleads.g.doubleclick.net	2 redirects
2	11608044.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	myexness.force.com	my.exnessaffiliates.com myexness.force.com
1	7hs48cp7c3kkmdhmey24bsnymkcvv73xbhnx4lrjf75f5a77670e48eaam1.e.aa.online-metrix.net
1	adservice.google.de	adservice.google.com
1	adservice.google.com	11608044.fls.doubleclick.net
1	exness.my.salesforce-scrt.com	myexness.force.com
1	px4.ads.linkedin.com	my.exnessaffiliates.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	analytics.twitter.com	my.exnessaffiliates.com
1	t.co	my.exnessaffiliates.com
1	static.ads-twitter.com	my.exnessaffiliates.com
80	27

This site contains links to these domains. Also see Links.

Domain
my.exness.com
www.exness.com
get.exnessaffiliates.help

Subject Issuer	Validity	Valid
my.exnessaffiliates.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-09` - `2024-09-01`	a year	crt.sh
ex.exnessstats.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-24` - `2023-10-24`	a year	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-25` - `2024-03-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.um4.force.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-05` - `2024-01-04`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.appspot.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
scrt01.uengage1.sfdc-urlt2q.svc.sfdcfc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-23` - `2023-12-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-14`	a year	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-01-09` - `2024-01-23`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-06-14` - `2024-07-01`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F
Frame ID: 8304D4A4456D85119E0821D9A2F9D272
Requests: 53 HTTP requests in this frame

Frame: https://11608044.fls.doubleclick.net/activityi;dc_pre=CKm1sLfRjoEDFc4NaAgdEAQDzA;src=11608044;type=pages;cat=allpa0;ord=7418633801039;auiddc=1515513406.1693750802;u1=undefined;u26=NULL;u8=en;u9=undefined;gtm=45fe38u0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;match_id=NULL;~oref=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F
Frame ID: 8DEBE1430999EC63374573D36A478335
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKm1sLfRjoEDFc4NaAgdEAQDzA;src=11608044;type=pages;cat=allpa0;ord=7418633801039;auiddc=1515513406.1693750802;u1=undefined;u26=NULL;u8=en;u9=undefined;gtm=45fe38u0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;match_id=NULL;~oref=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F
Frame ID: B1A7F6EEA2979AA9D53D1FEB38F9FE38
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKm1sLfRjoEDFc4NaAgdEAQDzA;src=11608044;type=pages;cat=allpa0;ord=7418633801039;auiddc=1515513406.1693750802;u1=undefined;u26=NULL;u8=en;u9=undefined;gtm=45fe38u0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;match_id=NULL;~oref=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F
Frame ID: 514B752E2A6D2D76F32673EA7599052A
Requests: 1 HTTP requests in this frame

Frame: https://ex.exnessstats.com/vuzkOETMELUnAb_9?5a6ffc258e8d7474=ZASFT9hiOTw5N0BwI9xoxmAVA3mTpTvIjRdoNrUlwK4-AM5ZxXuhENjzN6ANBewjbAMYEpH_EWFNKTCn4HgyQRUpjCepb85gCJkLWTOQHh666lsspLTfQQJPKAHNUwUuM7BuUsfyVWk0RmBKdG0znqITr1kpx751dxwCcolmEAesbUP_o1m_ST7DA-jPyE3t80r-nYDJbLeFKS9G&jb=3635242468736d7d3555696e64677771266a7b6d3f5f6b66666777712530303332246871603f416a706f6f6d2d303031313e
Frame ID: 20DD2D8BE0B521183936A79494087F49
Requests: 11 HTTP requests in this frame

Frame: https://ex.exnessstats.com/eArNFK2C3Vw8WPMj?5c3c62cb1c77c059=FTXoZqN8qGCuIcpdFBWgUleJVvzBUg0qFQUSnAyu83tUi-BjPEsDcF69d5IJus8ys_IErFdDHG__HjxT0ohqU6o9GVfZrYG-s96BMpwZZR3nb4cnPnaPRF-73-XmGRv_LZgIMSzhoSx5ODKvyKL460LfbM0&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 92DA06742BECE00DAA6DE4347B32DDF2
Requests: 3 HTTP requests in this frame

Frame: https://ex.exnessstats.com/I-Vu9NvaU1peBCJW?cc9ed9e571e9baed=axrVZsFLn3FkeeCF9vXdUSUtoCQsexej38qx846VyWStQz7kvtLyjFwVLD1JH6QD4JmbeJOy4Xw3Bk5KFzVa_VM-ZkUxgSSf9w6SOmNvizH4CYS03hF33bnRqh26OnHzcIf19_KQ1ohVkTWVqbVjsm3UTjnZK-3QL3eDEikdBdkF9yWpxblG7QGD01vBQsHcT0Jz5Pxq84otOyEovMc
Frame ID: 96997F97557035C4B48BACF733857BD0
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/D35NPXpiUoiULwk3?ac731c004538243f=1eb2vRwKD_D919B4QNU8Lwt3brd5kBJ6ilKsfDux6FkKZxohO-pXXp8gbsPLQbT3tnizDcXl55qHd9fsDBU5N7My9jqRvT8lQetV6MlNLPcxR5skIvZA8R2NTn6Avzk_R_969ATINTgiboDBDEP0EY321AsK7qzOGgLfwTgL8YHA3y18-VxRvplcCQJqvKvOQo1nxPhcu-tP2XUjFxjY
Frame ID: EA7D31735C1FD586990D312377D2D399
Requests: 2 HTTP requests in this frame

Frame: https://ex.exnessstats.com/eU0jBHTOkuZpB1a_?108c8e549ad99d00=hoLKWVaTZeyHXFmxT_vVLavrd1FPR_lmwBUZ7zAS367nAL_NiQyrPvbaZhfjbKaAG_oPqSmYrj_W_9csxJ6E3IQotwnj58YbIVGdmKQvi3fmytN1-_gFdH6Jth5y8CErQOIaKOEXWZ16XS3e8k_YvG6XbjFvYIJ7FminAGzsnTgPunvuaZCgHzkjaSIGaj_ms9Cznnetyo5ZixyhtMTw
Frame ID: E325EA37821E25A868808F226C8B417F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In - Exness

Page URL History Show full URLs

https://my.exnessaffiliates.com/ HTTP 302
https://my.exnessaffiliates.com/dashboard/ HTTP 302
https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

80
Requests

95 %
HTTPS

48 %
IPv6

18
Domains

27
Subdomains

23
IPs

5
Countries

1691 kB
Transfer

6572 kB
Size

30
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://my.exness.com/intl/en/boarding/reset-password/
Title: Having trouble signing in?

Search URL Search Domain Scan URL

URL: https://www.exness.com/cdn/media/docs/risk_disclosure_and_warning_notice.pdf
Title: Risk Disclosure

Search URL Search Domain Scan URL

URL: https://www.exness.com/cdn/media/docs/preventing_money_laundering.pdf
Title: Preventing Money Laundering

Search URL Search Domain Scan URL

URL: https://www.exness.com/intl/en/instruction_security/
Title: Security Instructions

Search URL Search Domain Scan URL

URL: https://get.exnessaffiliates.help/hc/en-us
Title: Knowledge base

Search URL Search Domain Scan URL

URL: https://www.exness.com/intl/en/about_us/contacts/
Title: Contact

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://my.exnessaffiliates.com/ HTTP 302
https://my.exnessaffiliates.com/dashboard/ HTTP 302
https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://11608044.fls.doubleclick.net/activityi;src=11608044;type=pages;cat=allpa0;ord=7418633801039;auiddc=1515513406.1693750802;u1=undefined;u26=NULL;u8=en;u9=undefined;gtm=45fe38u0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;match_id=NULL;~oref=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F HTTP 302
https://11608044.fls.doubleclick.net/activityi;dc_pre=CKm1sLfRjoEDFc4NaAgdEAQDzA;src=11608044;type=pages;cat=allpa0;ord=7418633801039;auiddc=1515513406.1693750802;u1=undefined;u26=NULL;u8=en;u9=undefined;gtm=45fe38u0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;match_id=NULL;~oref=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F

Request Chain 32

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5254194&time=1693750802508&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5254194&time=1693750802508&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5254194%26time%3D1693750802508%26url%3Dhttps%253A%252F%252Fmy.exnessaffiliates.com%252Flogin%252F%253Forigin%253D%25252Fdashboard%25252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5254194&time=1693750802508&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5254194&time=1693750802508&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&cookiesTest=true&liSync=true&e_ipv6=AQI5MBff9XTelwAAAYpbajoYW8t8J750BBkp54PKO-Otc00OhuFskhdQ5gfECGEs

Request Chain 41

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/852410746/?random=274826630&fst=1693750802597&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e38u1&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&tiba=Log%20In%20-%20Exness&data=userId%3DNULL&auid=412672749.1693750803&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0 HTTP 302
https://www.google.com/pagead/1p-user-list/852410746/?random=274826630&fst=1693749600000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e38u1&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&tiba=Log%20In%20-%20Exness&data=userId%3DNULL&is_vtc=1&random=1375040097 HTTP 302
https://www.google.de/pagead/1p-user-list/852410746/?random=274826630&fst=1693749600000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e38u1&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&tiba=Log%20In%20-%20Exness&data=userId%3DNULL&is_vtc=1&random=1375040097&ipr=y

Request Chain 48

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/852410746/?random=1496771161&fst=1693750802609&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e38u1&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&tiba=Log%20In%20-%20Exness&auid=412672749.1693750803&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0 HTTP 302
https://www.google.com/pagead/1p-user-list/852410746/?random=1496771161&fst=1693749600000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e38u1&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&tiba=Log%20In%20-%20Exness&is_vtc=1&random=2060438183 HTTP 302
https://www.google.de/pagead/1p-user-list/852410746/?random=1496771161&fst=1693749600000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e38u1&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&tiba=Log%20In%20-%20Exness&is_vtc=1&random=2060438183&ipr=y

Request Chain 58

https://h.online-metrix.net/BPIxGOJ_8S3ouFi3?ea5f844acd54848e=8k4RrPUtbaKMpmhZe0_j4ftkLx7i00GkbVFrZCAkfDE4RTbSXK7iyzPhA8uCqiuwGbRPcZUHOz-JNkTReT3dSJADOencFgkaRIGhzsFf5e1C99teLu0FEUi7VqTtlzTwJVaznM_wi1o2kN1R7uPEvewY-qQC7Qt1_XGPGya3Fn5uCyg HTTP 302
https://h.online-metrix.net/BPIxGOJ_8S3ouFi3?7fbee7a7d5b54b1f=8k4RrPUtbaKMpmhZe0_j4ftkLx7i00GkbVFrZCAkfDE4RTbSXK7iyzPhA8uCqiuwGbRPcZUHOz-JNkTReT3dSJADOencFgkaRIGhzsFf5e1C99teLu0FEUi7VqTtlzTwJVaznC5aiX7jXkroUhsm9SASxL4&k=2

80 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
my.exnessaffiliates.com/login/
Redirect Chain

https://my.exnessaffiliates.com/
https://my.exnessaffiliates.com/dashboard/
https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

302 KB
69 KB

588ms
587ms

Document
text/html

107.154.192.37
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.192.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.192.37.ip.incapdns.net

Software

Resource Hash

f80252a515c7b3a9cfa203bf5b9928973cfdff48d285cecea35778cde8b25251

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' default-src 'self' data: .exaffiliates.com .exaffiliate.com .xsaffiliates.com .xsaffiliate.com .exsaffiliates.com .exsaffiliate.com .exspartners.com .xsspartners.com .xsspartner.com .xssaffiliates.com .xssaffiliate.com .exness.com .exness-168.com .exness-888.com .exness888.com .exness.asia .exness.direct .exness.markets .exness.global .exness.broker .exness.trade .exnessaffiliates.com .exnessaffiliates.asia .exnessaffiliates.co.id .exnessaffiliates.markets .webvisor.com .google.com storage.googleapis.com google-analytics.com .zopim.com .surveymonkey.com fonts.googleapis.com tagmanager.google.com .exness.net .dev.env .test.env .blackswanmarkets.com .wlbrokers.com; frame-src ; script-src 'self' 'unsafe-inline' https:; style-src 'self' tagmanager.google.com fonts.googleapis.com myexness.force.com data: 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' .exness.net .dev.env .test.env .prod.env .blackswanmarkets.com .wlbrokers.com .exnessaffiliates.com .exnessaffiliates.asia .exnessaffiliates.co.id .exnessaffiliates.markets .webvisor.com .zopim.com .surveymonkey.com *.exness-id.asia fonts.googleapis.com tagmanager.google.com https: wss:
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-security-policy: frame-ancestors 'self' default-src 'self' data: *.exaffiliates.com *.exaffiliate.com *.xsaffiliates.com *.xsaffiliate.com *.exsaffiliates.com *.exsaffiliate.com *.exspartners.com *.xsspartners.com *.xsspartner.com *.xssaffiliates.com *.xssaffiliate.com *.exness.com *.exness-168.com *.exness-888.com *.exness888.com *.exness.asia *.exness.direct *.exness.markets *.exness.global *.exness.broker *.exness.trade *.exnessaffiliates.com *.exnessaffiliates.asia *.exnessaffiliates.co.id *.exnessaffiliates.markets *.webvisor.com *.google.com storage.googleapis.com google-analytics.com *.zopim.com *.surveymonkey.com fonts.googleapis.com tagmanager.google.com *.exness.net *.dev.env *.test.env *.blackswanmarkets.com *.wlbrokers.com; frame-src *; script-src 'self' 'unsafe-inline' https:; style-src 'self' tagmanager.google.com fonts.googleapis.com myexness.force.com data: 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' *.exness.net *.dev.env *.test.env *.prod.env *.blackswanmarkets.com *.wlbrokers.com *.exnessaffiliates.com *.exnessaffiliates.asia *.exnessaffiliates.co.id *.exnessaffiliates.markets *.webvisor.com *.zopim.com *.surveymonkey.com *.exness-id.asia fonts.googleapis.com tagmanager.google.com https: wss:
content-type: text/html; charset=utf-8
date: Sun, 03 Sep 2023 14:20:01 GMT
etag: W/"4b8d0-zjGwubDbyGPJwuRzyfWs6Ptu7uU"
referrer-policy: no-referrer, strict-origin-when-cross-origin
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 3-3961049-3896529 pNNy RT(1693750799937 356) q(0 0 0 -1) r(6 6) U12
x-request-id: 28ec6bf12ba9c4432b872b07ccfbd9d0

Redirect headers

cache-control: private
content-length: 104
content-security-policy: frame-ancestors 'self' default-src 'self' data: *.exaffiliates.com *.exaffiliate.com *.xsaffiliates.com *.xsaffiliate.com *.exsaffiliates.com *.exsaffiliate.com *.exspartners.com *.xsspartners.com *.xsspartner.com *.xssaffiliates.com *.xssaffiliate.com *.exness.com *.exness-168.com *.exness-888.com *.exness888.com *.exness.asia *.exness.direct *.exness.markets *.exness.global *.exness.broker *.exness.trade *.exnessaffiliates.com *.exnessaffiliates.asia *.exnessaffiliates.co.id *.exnessaffiliates.markets *.webvisor.com *.google.com storage.googleapis.com google-analytics.com *.zopim.com *.surveymonkey.com fonts.googleapis.com tagmanager.google.com *.exness.net *.dev.env *.test.env *.blackswanmarkets.com *.wlbrokers.com; frame-src *; script-src 'self' 'unsafe-inline' https:; style-src 'self' tagmanager.google.com fonts.googleapis.com myexness.force.com data: 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' *.exness.net *.dev.env *.test.env *.prod.env *.blackswanmarkets.com *.wlbrokers.com *.exnessaffiliates.com *.exnessaffiliates.asia *.exnessaffiliates.co.id *.exnessaffiliates.markets *.webvisor.com *.zopim.com *.surveymonkey.com *.exness-id.asia fonts.googleapis.com tagmanager.google.com https: wss:
content-type: text/html; charset=utf-8
date: Sun, 03 Sep 2023 14:20:01 GMT
location: /login/?origin=%2Fdashboard%2F
referrer-policy: no-referrer, strict-origin-when-cross-origin
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 3-3961049-3896529 pNNy RT(1693750799937 33) q(0 0 0 -1) r(3 3) U11
x-request-id: fe8306ce8f56fba0b19fc323dfad1a73

GET
H2 200 runtime.dad6e272.js Show response
my.exnessaffiliates.com/assets/ 5 KB
3 KB 31ms
30ms Script
application/javascript 107.154.192.37
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://my.exnessaffiliates.com/assets/runtime.dad6e272.js

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.192.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.192.37.ip.incapdns.net

Software

Resource Hash

6931f97a7d1893756bfbe0064556ebae7ad400774b195dc70750cf20ec295415

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 01 Sep 2023 12:11:33 GMT
x-cdn: Imperva
etag: W/"64f1d4f5-15ab"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 3-3961049-3527407 pNNy RT(1693750799937 961) q(0 1 1 -1) r(1 1) U2
cache-control: private

GET
H2 200 2018.db6e32a2.js Show response
my.exnessaffiliates.com/assets/ 800 KB
243 KB 40ms
38ms Script
application/javascript 107.154.192.37
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://my.exnessaffiliates.com/assets/2018.db6e32a2.js

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.192.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.192.37.ip.incapdns.net

Software

Resource Hash

af5f59b63f300023b0d0f451d876715cbd56552cd94a8b0c74ece056ad4cdcd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 01 Sep 2023 12:11:33 GMT
x-cdn: Imperva
etag: W/"64f1d4f5-c8173"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 3-3961049-3961130 nNNY RT(1693750799937 966) q(0 0 0 -1) r(0 0) U2
cache-control: private

GET
H2 200 client.37ee31dc.js Show response
my.exnessaffiliates.com/assets/ 1 MB
215 KB 147ms
146ms Script
application/javascript 107.154.192.37
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://my.exnessaffiliates.com/assets/client.37ee31dc.js

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.192.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.192.37.ip.incapdns.net

Software

Resource Hash

c2302bba8ff636bc8a07a491a6551eb36982dc7df14e17beee7536a080e0687d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 01 Sep 2023 12:11:33 GMT
x-cdn: Imperva
etag: W/"64f1d4f5-10beee"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 3-3961049-3961133 nNNY RT(1693750799937 971) q(0 0 0 -1) r(0 1) U2
cache-control: private

GET
H2 200 6181.7dc85013.chunk.js Show response
my.exnessaffiliates.com/assets/ 1 MB
340 KB 44ms
43ms Script
application/javascript 107.154.192.37
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://my.exnessaffiliates.com/assets/6181.7dc85013.chunk.js

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.192.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.192.37.ip.incapdns.net

Software

Resource Hash

89b395e3a4ca058c114dbef0c44e976a331e6c0d998de0a9d03378032a0661c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 01 Sep 2023 12:11:33 GMT
x-cdn: Imperva
etag: W/"64f1d4f5-12dfa8"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 3-3961049-3961135 nNNY RT(1693750799937 973) q(0 0 0 -1) r(0 0) U2
cache-control: private

GET
H2 200 routes.ed7d20fc.chunk.js Show response
my.exnessaffiliates.com/assets/ 1 MB
263 KB 49ms
48ms Script
application/javascript 107.154.192.37
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://my.exnessaffiliates.com/assets/routes.ed7d20fc.chunk.js

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.192.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.192.37.ip.incapdns.net

Software

Resource Hash

8758ab3e081f251ad9f21d85d24719082e331af8ddf27c97d6af6ccca3cb715b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 01 Sep 2023 12:11:33 GMT
x-cdn: Imperva
etag: W/"64f1d4f5-10b3af"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 3-3961049-3961137 nNNY RT(1693750799937 976) q(0 0 0 -1) r(0 0) U2
cache-control: private

GET
H2 200 login.60921013.chunk.js Show response
my.exnessaffiliates.com/assets/ 10 KB
4 KB 46ms
46ms Script
application/javascript 107.154.192.37
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://my.exnessaffiliates.com/assets/login.60921013.chunk.js

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.192.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.192.37.ip.incapdns.net

Software

Resource Hash

671bbee821b27d77d46280e9465e75b583d75037880092fea68ffab9473cb18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 01 Sep 2023 12:11:33 GMT
x-cdn: Imperva
etag: W/"64f1d4f5-273d"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 3-3961049-3527407 pNNy RT(1693750799937 979) q(0 0 0 -1) r(0 0) U2
cache-control: private

GET
H/1.1 200
OK mti3qrrxurlyuzre.js Show response
ex.exnessstats.com/ 93 KB
13 KB 88ms
17ms Script
text/javascript 91.235.133.115
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ex.exnessstats.com/mti3qrrxurlyuzre.js?729cdtrelmlwoivj=7hs48cp7&j9rjyn9x3745mic4=72f2b0f8-6ee0-4c5d-b39b-28d75b43ff6c

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.115 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

a4cdf85f0a0e755340bf0679c2c102131c41ebfc1d71c0cd79ef7ef2d7aa782b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sun, 03 Sep 2023 14:20:01 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 logo.svg
my.exnessaffiliates.com/ 5 KB
2 KB 29ms
29ms Image
image/svg+xml 107.154.192.37
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.exnessaffiliates.com/logo.svg

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.192.37 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.192.37.ip.incapdns.net

Software

Resource Hash

9033c04857874a96c138464ab8d2e30a71a820e1d685b0791980f9a4d77ebd52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 01 Sep 2023 12:06:52 GMT
x-cdn: Imperva
etag: W/"64f1d3dc-12ed"
vary: Accept-Encoding
content-type: image/svg+xml
x-iinfo: 3-3961049-3527407 pNNy RT(1693750799937 1019) q(0 0 0 -1) r(0 0) U2
cache-control: private

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 246ms
180ms Preflight 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://my.exnessaffiliates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://my.exnessaffiliates.com
access-control-max-age: 1800
cache-control: no-store
date: Sun, 03 Sep 2023 14:20:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
x-amzn-trace-id: Root=1-64f49612-609d21435aaa95ae5c72dea8
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220052-FRA
x-timer: S1693750802.108036,VS0,VE171

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 214 KB
74 KB 52ms
27ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N25Z29H

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/assets/client.37ee31dc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73cc1242bb78110a16113a8ed65da47afd17f1baa6628e1648c47d0c8eecde21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75116
x-xss-protection: 0
last-modified: Sun, 03 Sep 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 03 Sep 2023 14:20:02 GMT

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 171 B
158 B 219ms
219ms Fetch
application/json 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/assets/2018.db6e32a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

932da1a3b64751e9a2c8802fdd4545b3e1aa342894b5e1f8d2ae269bcca6ea08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.exnessaffiliates.com/
accept-language: de-DE,de;q=0.9
Authorization: Api-Key client-x8Di1VssCUU9ilq1hC11UqIzbd6sDwLw
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjEiLCJkZXZpY2VfaWQiOiI4ZGY4NzQxMS1kOTE5LTQxY2EtYjBkMC04ZDEwNGYxZmFhOGYiLCJ1c2VyX3Byb3BlcnRpZXMiOnt9fQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 95
x-served-by: cache-fra-etou8220052-FRA
x-timer: S1693750802.288756,VS0,VE212
x-amzn-trace-id: Root=1-64f49612-71ca891f587dcca57a3c72ab
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://my.exnessaffiliates.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 171 B
241 B 210ms
210ms Fetch
application/json 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/assets/2018.db6e32a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

932da1a3b64751e9a2c8802fdd4545b3e1aa342894b5e1f8d2ae269bcca6ea08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.exnessaffiliates.com/
accept-language: de-DE,de;q=0.9
Authorization: Api-Key client-x8Di1VssCUU9ilq1hC11UqIzbd6sDwLw
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjEiLCJkZXZpY2VfaWQiOiI4ZGY4NzQxMS1kOTE5LTQxY2EtYjBkMC04ZDEwNGYxZmFhOGYiLCJ1c2VyX3Byb3BlcnRpZXMiOnt9fQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: HIT
content-length: 95
x-served-by: cache-fra-etou8220052-FRA
x-timer: S1693750802.297562,VS0,VE203
x-amzn-trace-id: Root=1-64f49612-71ca891f587dcca57a3c72ab
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://my.exnessaffiliates.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 175ms
175ms Preflight 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://my.exnessaffiliates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://my.exnessaffiliates.com
access-control-max-age: 1800
cache-control: no-store
date: Sun, 03 Sep 2023 14:20:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
x-amzn-trace-id: Root=1-64f49612-7ac893694af18b811a4f2644
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220052-FRA
x-timer: S1693750802.121630,VS0,VE169

GET
H/1.1 200
OK bootstrap.min.js Show response
myexness.force.com/ESWExnessPAAffiliates1676508301091/assets/js/ 34 KB
10 KB 200ms
19ms Script
application/javascript 161.71.0.38
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://myexness.force.com/ESWExnessPAAffiliates1676508301091/assets/js/bootstrap.min.js

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/assets/routes.ed7d20fc.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.38 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

9014891452f382c42135bd634acafda83d338bc39cb3e27d6b9aa8b9c5e47da6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sun, 03 Sep 2023 14:19:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Referrer-Policy: origin-when-cross-origin
Age: 30
ETag: "de5ab40c9e--gzip"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=60,immutable,public
Content-Length: 10000
X-XSS-Protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
64 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11608044

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N25Z29H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd4e575df887fbe1b8a56932d6443b7f35dabda4a0536be1e93f5a9daab763f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64962
x-xss-protection: 0
last-modified: Sun, 03 Sep 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 03 Sep 2023 14:20:02 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
1 KB 42ms
9ms Script
application/javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N25Z29H

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

292f853f9ef0e448c5536987fe87197f401bafcde3e0857e17de1f0676f5b2eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Aug 2023 18:41:20 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
content-type: application/javascript;charset=utf-8
cache-control: max-age=67648
accept-ranges: bytes
content-length: 1046

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 171 KB
63 KB 51ms
24ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-P8H2VKJ

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N25Z29H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a6c04cd52ba8525f8cf32555418fe29acc457fdf1492da0793e836d5c2609db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 63902
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Sep 2023 14:20:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N25Z29H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 03 Sep 2023 13:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1819
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 03 Sep 2023 15:49:43 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 48ms
7ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:02 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220029-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
87 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M71C3QBXSG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N25Z29H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4cf82e838cdbab7b385738465c38272c0e3533166ce73d0590074fc4078b21b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89052
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Sep 2023 14:20:02 GMT

GET
H2

200

activityi;dc_pre=CKm1sLfRjoEDFc4NaAgdEAQDzA;src=11608044;type=pages;cat=allpa0;ord=7418633801039;auiddc=1515513406.1693750802;u1=undefined;u26=NULL;u8=en;u9=undefined;gtm=45fe38u0;uaa=;uab=;uafvl=;... Show response
11608044.fls.doubleclick.net/ Frame 8DEB
Redirect Chain

https://11608044.fls.doubleclick.net/activityi;src=11608044;type=pages;cat=allpa0;ord=7418633801039;auiddc=1515513406.1693750802;u1=undefined;u26=NULL;u8=en;u9=undefined;gtm=45fe38u0;uaa=;uab=;uafv...
https://11608044.fls.doubleclick.net/activityi;dc_pre=CKm1sLfRjoEDFc4NaAgdEAQDzA;src=11608044;type=pages;cat=allpa0;ord=7418633801039;auiddc=1515513406.1693750802;u1=undefined;u26=NULL;u8=en;u9=und...

638 B
530 B

110ms
109ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11608044.fls.doubleclick.net/activityi;dc_pre=CKm1sLfRjoEDFc4NaAgdEAQDzA;src=11608044;type=pages;cat=allpa0;ord=7418633801039;auiddc=1515513406.1693750802;u1=undefined;u26=NULL;u8=en;u9=undefined;gtm=45fe38u0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;match_id=NULL;~oref=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-11608044

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

f6526f69a69926e4c106c7878d7d3aa2a80ccfdc4a81ecdc8559cc38ebdcb8e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.exnessaffiliates.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 354
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 14:20:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 14:20:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11608044.fls.doubleclick.net/activityi;dc_pre=CKm1sLfRjoEDFc4NaAgdEAQDzA;src=11608044;type=pages;cat=allpa0;ord=7418633801039;auiddc=1515513406.1693750802;u1=undefined;u26=NULL;u8=en;u9=undefined;gtm=45fe38u0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;match_id=NULL;~oref=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=27469
accept-ranges: bytes
content-length: 4862

GET
H2 200 adsct
t.co/1/i/ 43 B
377 B 159ms
123ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=bc4d2e7a-89f7-497b-9d28-0142896bcbf2&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b62aecb7-3988-46e8-b49f-a2d3db40d6b8&tw_document_href=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&tw_iframe_status=0&txn_id=o19sj&type=javascript&version=2.3.29

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-response-time: 117
date: Sun, 03 Sep 2023 14:20:02 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: bc5b048800404a96
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: db3caa0157ca463617b7fd1d4b377612431902a044741317a7f8e9f899bba288
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
722 B 217ms
179ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=bc4d2e7a-89f7-497b-9d28-0142896bcbf2&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b62aecb7-3988-46e8-b49f-a2d3db40d6b8&tw_document_href=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&tw_iframe_status=0&txn_id=o19sj&type=javascript&version=2.3.29

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-response-time: 172
date: Sun, 03 Sep 2023 14:20:02 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 211e963e625c226f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 6dc9341758c0d6afc26a19a5b900b5435dc5a14e74cb54ec5a036edf791d67b0
content-length: 43

GET
H2 200 collect Show response
gtm-n24g3w7-otgwz.uc.r.appspot.com/g/ 2 KB
1 KB 207ms
138ms XHR
text/plain 2a00:1450:4001:80e::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm-n24g3w7-otgwz.uc.r.appspot.com/g/collect?v=2&tid=G-M71C3QBXSG&gtm=45je38u0&_p=273731415&cid=1706399507.1693750802&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&_s=1&sid=1693750802&sct=1&seg=0&dl=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&dt=Log%20In%20-%20Exness&en=page_view&_fv=1&_nsi=1&_ss=2&ep.userId=NULL&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M71C3QBXSG&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

8443fdedee3a6bfa5c4f972e32bbcad649a235848d4d3d5693aecd8633a229af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://my.exnessaffiliates.com
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
186 B 16ms
15ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=273731415&t=pageview&_s=1&dl=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&ul=en-us&de=UTF-8&dt=Log%20In%20-%20Exness&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiEABRAAAACAAI~&jid=629432758&gjid=1211000348&cid=1706399507.1693750802&uid=NULL&tid=UA-8651572-1&_gid=770966428.1693750802&_slc=1&gtm=45He38u0n81N25Z29H&cd24=NULL&z=1067219311

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.exnessaffiliates.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Sep 2023 14:20:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.exnessaffiliates.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
354 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-8651572-1&cid=1706399507.1693750802&jid=629432758&uid=NULL&gjid=1211000348&_gid=770966428.1693750802&_u=aCDAiEABRAAAAGAAI~&z=1148693587

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.exnessaffiliates.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 03 Sep 2023 14:20:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.exnessaffiliates.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
68 B 15ms
15ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=273731415&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&ul=en-us&de=UTF-8&dt=Log%20In%20-%20Exness&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Navigation&ea=Navigation%20success&el=%2Flogin%2F&ev=0&_u=aCDAiEABRAAAAGAAI~&jid=436310958&gjid=599758154&cid=1706399507.1693750802&uid=NULL&tid=UA-106146448-1&_gid=770966428.1693750802&_slc=1&gtm=45He38u0n81N25Z29H&cd2=NULL&z=1288694212

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.exnessaffiliates.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Sep 2023 14:20:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.exnessaffiliates.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 54ms
20ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-106146448-1&cid=1706399507.1693750802&jid=436310958&uid=NULL&gjid=599758154&_gid=770966428.1693750802&_u=aCDAiEABRAAAAGAAI~&z=1995485086

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.exnessaffiliates.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 03 Sep 2023 14:20:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.exnessaffiliates.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
130 B 7ms
7ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=273731415&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&ul=en-us&de=UTF-8&dt=Log%20In%20-%20Exness&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Navigation&ea=Navigation%20success&el=%2Flogin%2F&ev=0&_u=aCDAiEABRAAAAGAAI~&jid=&gjid=&cid=1706399507.1693750802&uid=NULL&tid=UA-8651572-1&_gid=770966428.1693750802&gtm=45He38u0n81N25Z29H&cd24=NULL&z=1426557972

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Sep 2023 23:52:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52042
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=273731415&t=pageview&_s=1&dl=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&ul=en-us&de=UTF-8&dt=Log%20In%20-%20Exness&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiEABRAAAAGAAI~&jid=&gjid=&cid=1706399507.1693750802&uid=NULL&tid=UA-106146448-1&_gid=770966428.1693750802&gtm=45He38u0n81N25Z29H&cd2=NULL&z=2072456305

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Sep 2023 08:22:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21478
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/5254194/domain/my.exnessaffiliates.com/ 36 B
375 B 77ms
12ms XHR
application/json 2600:9000:20eb:1a00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/5254194/domain/my.exnessaffiliates.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1a00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://my.exnessaffiliates.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 13:45:51 GMT
content-encoding: gzip
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 2051
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: _f9JBFJh-8vGN4mXX5W4vO3aJxMCaDqCQEEl3FoikvLwdpBPTp0ElA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5254194&time=1693750802508&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5254194&time=1693750802508&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5254194%26time%3D1693750802508%26url%3Dhttps%253A%252F%252Fmy.exnessaffiliates.co...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5254194&time=1693750802508&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5254194&time=1693750802508&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&cookiesTest=true&liSync=true&e_ipv...

0
266 B

174ms
114ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5254194&time=1693750802508&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&cookiesTest=true&liSync=true&e_ipv6=AQI5MBff9XTelwAAAYpbajoYW8t8J750BBkp54PKO-Otc00OhuFskhdQ5gfECGEs
Requested by: Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:02 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 95CF64E9744148F2808DA5B0A2C9FDFB Ref B: DUS30EDGE0914 Ref C: 2023-09-03T14:20:03Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYEdRb1bT2h4QFfEhkuxQ==

Redirect headers

date: Sun, 03 Sep 2023 14:20:02 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 3BA045BB55424631B0F20D6598976198 Ref B: FRAEDGE1107 Ref C: 2023-09-03T14:20:02Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5254194&time=1693750802508&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&cookiesTest=true&liSync=true&e_ipv6=AQI5MBff9XTelwAAAYpbajoYW8t8J750BBkp54PKO-Otc00OhuFskhdQ5gfECGEs
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYEdRby0DpXn+ijBkgkGA==

GET
H2 200 collect Show response
gtm-n24g3w7-otgwz.uc.r.appspot.com/g/ 374 B
666 B 129ms
129ms XHR
text/plain 2a00:1450:4001:80e::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm-n24g3w7-otgwz.uc.r.appspot.com/g/collect?v=2&tid=G-M71C3QBXSG&gtm=45je38u0&_p=273731415&cid=1706399507.1693750802&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&sst.uc=DE&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&_s=2&sid=1693750802&sct=1&seg=0&dl=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&dt=Log%20In%20-%20Exness&en=scroll&ep.userId=NULL&epn.percent_scrolled=90&_et=6&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M71C3QBXSG&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

0c5f83e822475c324a27f964f4780cf1573219a02b86c6b0276f88042988336a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://my.exnessaffiliates.com
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK bootstrap.min.css
myexness.force.com/ESWExnessPAAffiliates1676508301091/assets/styles/ 13 KB
3 KB 21ms
19ms Stylesheet
text/css 161.71.0.38
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://myexness.force.com/ESWExnessPAAffiliates1676508301091/assets/styles/bootstrap.min.css

Requested by

Host: myexness.force.com
URL: https://myexness.force.com/ESWExnessPAAffiliates1676508301091/assets/js/bootstrap.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.38 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

4ff1e99fb4eab3684a236b78837645b5f708ecfe05d865ae764c618f6a4b7a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sun, 03 Sep 2023 14:19:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Referrer-Policy: origin-when-cross-origin
Age: 30
ETag: "7ff4768362--gzip"
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: max-age=60,immutable,public
Content-Length: 2266
X-XSS-Protection: 1; mode=block

GET
H2 200 embedded-service-config Show response
exness.my.salesforce-scrt.com/embeddedservice/v1/ 13 KB
14 KB 166ms
33ms XHR
application/json 52.47.42.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://exness.my.salesforce-scrt.com/embeddedservice/v1/embedded-service-config?orgId=00D58000000Kpf3&esConfigName=Exness_PA_Affiliates&language=en

Requested by

Host: myexness.force.com
URL: https://myexness.force.com/ESWExnessPAAffiliates1676508301091/assets/js/bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.47.42.134 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-47-42-134.eu-west-3.compute.amazonaws.com

Software

Resource Hash

e06a50f7e0619a97880f6e967f293ff3a5d3460cd509ff678292bbec261b2134

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Sep 2023 14:20:02 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-scrt-correlation-id: ac9d9969a96e9f96
x-frame-options: DENY
access-control-allow-methods: GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://my.exnessaffiliates.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 69ms
46ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8651572-1&cid=1706399507.1693750802&jid=629432758&_u=aCDAiEABRAAAAGAAI~&z=539621977

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Sep 2023 14:20:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 69ms
45ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8651572-1&cid=1706399507.1693750802&jid=629432758&_u=aCDAiEABRAAAAGAAI~&z=539621977

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Sep 2023 14:20:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 65ms
45ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-106146448-1&cid=1706399507.1693750802&jid=436310958&_u=aCDAiEABRAAAAGAAI~&z=736574461

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Sep 2023 14:20:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 67ms
45ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-106146448-1&cid=1706399507.1693750802&jid=436310958&_u=aCDAiEABRAAAAGAAI~&z=736574461

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Sep 2023 14:20:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/s/ 0
250 B 39ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/s/collect?_gsid=M71C3QBXSGMnkhmPk3lsY6Mjy7n5lQFw
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M71C3QBXSG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Sep 2023 14:20:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.exnessaffiliates.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/852410746/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/852410746/?random=274826630&fst=1693750802597&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e38u1&url=https%3A%2F%2Fmy.ex...
https://www.google.com/pagead/1p-user-list/852410746/?random=274826630&fst=1693749600000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e38u1&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Fl...
https://www.google.de/pagead/1p-user-list/852410746/?random=274826630&fst=1693749600000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e38u1&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Flo...

42 B
64 B

21ms
21ms

Image
image/gif

2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/852410746/?random=274826630&fst=1693749600000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e38u1&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&tiba=Log%20In%20-%20Exness&data=userId%3DNULL&is_vtc=1&random=1375040097&ipr=y

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

Protocol

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Sep 2023 14:20:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Sep 2023 14:20:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/852410746/?random=274826630&fst=1693749600000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e38u1&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&tiba=Log%20In%20-%20Exness&data=userId%3DNULL&is_vtc=1&random=1375040097&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CKm1sLfRjoEDFc4NaAgdEAQDzA;src=11608044;type=pages;cat=allpa0;ord=7418633801039;auiddc=1515513406.1693750802;u1=undefined;u26=NULL;u8=en;u9=undefined;gtm=45fe38u0;uaa=;uab=;uafvl=;uamb=0;uam... Show response
adservice.google.com/ddm/fls/i/ Frame B1A7 637 B
730 B 140ms
115ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKm1sLfRjoEDFc4NaAgdEAQDzA;src=11608044;type=pages;cat=allpa0;ord=7418633801039;auiddc=1515513406.1693750802;u1=undefined;u26=NULL;u8=en;u9=undefined;gtm=45fe38u0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;match_id=NULL;~oref=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F

Requested by

Host: 11608044.fls.doubleclick.net
URL: https://11608044.fls.doubleclick.net/activityi;dc_pre=CKm1sLfRjoEDFc4NaAgdEAQDzA;src=11608044;type=pages;cat=allpa0;ord=7418633801039;auiddc=1515513406.1693750802;u1=undefined;u26=NULL;u8=en;u9=undefined;gtm=45fe38u0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;match_id=NULL;~oref=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1efa3519d6141d90533ff440621ae5fb8a558bb28f66248006c66e4fb0fc420

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11608044.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 355
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 14:20:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 47ms
45ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M71C3QBXSG&cid=1706399507.1693750802&gtm=45j91e38u1&aip=1&z=672787226

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Sep 2023 14:20:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/s/ 0
45 B 21ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/s/collect?_gsid=M71C3QBXSG3FS-PdjBl60RceVmc1hXUA
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M71C3QBXSG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Sep 2023 14:20:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.exnessaffiliates.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 21ms
19ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M71C3QBXSG&cid=1706399507.1693750802&gtm=45j91e38u1&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M71C3QBXSG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Sep 2023 14:20:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.exnessaffiliates.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _set_cookie
gtm-n24g3w7-otgwz.uc.r.appspot.com/ 48 B
48 B 127ms
125ms Image
image/gif 2a00:1450:4001:80e::2014
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtm-n24g3w7-otgwz.uc.r.appspot.com/_set_cookie?val=1S3k379MTQ7b5F4puFbF8XJPADQRmR5wNglKPJzPQEvF1FelNY4aIaz3jPZjqPU3LSbARsl8VprO0VVWC0bjKhJBYWz381JiFxLRVBcNgQziLkHopVfnjbw8NNq0HCRZJU27hKXSjL%2BP2Lp3Su1ptyyrm1wPsodFSZ5bGJw6rSgQteLWulUdyGrQoX26iByd2RqSRm2m03B47tjwqrENdFU58lcw27aoj7gbqpUOKdwAECw1Gn8mMw%3D%3D
Requested by: Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:02 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 48ms
46ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M71C3QBXSG&cid=1706399507.1693750802&gtm=45j91e38u1&aip=1&z=917706766

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Sep 2023 14:20:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/852410746/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/852410746/?random=1496771161&fst=1693750802609&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e38u1&url=https%3A%2F%2Fmy.e...
https://www.google.com/pagead/1p-user-list/852410746/?random=1496771161&fst=1693749600000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e38u1&url=https%3A%2F%2Fmy.exnessaffiliates.com%2F...
https://www.google.de/pagead/1p-user-list/852410746/?random=1496771161&fst=1693749600000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e38u1&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Fl...

42 B
64 B

20ms
20ms

Image
image/gif

2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/852410746/?random=1496771161&fst=1693749600000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e38u1&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&tiba=Log%20In%20-%20Exness&is_vtc=1&random=2060438183&ipr=y

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F

Protocol

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Sep 2023 14:20:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Sep 2023 14:20:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/852410746/?random=1496771161&fst=1693749600000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e38u1&url=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&tiba=Log%20In%20-%20Exness&is_vtc=1&random=2060438183&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 _set_cookie
gtm-n24g3w7-otgwz.uc.r.appspot.com/ 48 B
48 B 245ms
245ms Image
image/gif 2a00:1450:4001:80e::2014
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtm-n24g3w7-otgwz.uc.r.appspot.com/_set_cookie?val=ZybyT2Z39kKhO3aGu3rCGSHqBVK%2Bf7S8O6DFUpOPZTFep4qK6QY9Z4nsH2j5n%2FJVW2C3Bwq93OlPuTMiidEEzVUGzJQpmijRhANFGbUWS9%2FLz6IayEbcFygJUEpYjyXjJflQ2gcjZjtyjzqFk3%2Fi5bathuaQMRSckua1ZdeNVhNYPDyLA%2BAZK0gwgqGnwkYH3ccy8DGeb96zHOipwttG2lyOSpXn9A%3D%3D
Requested by: Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/login/?origin=%2Fdashboard%2F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:02 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dc_pre=CKm1sLfRjoEDFc4NaAgdEAQDzA;src=11608044;type=pages;cat=allpa0;ord=7418633801039;auiddc=1515513406.1693750802;u1=undefined;u26=NULL;u8=en;u9=undefined;gtm=45fe38u0;uaa=;uab=;uafvl=;uamb=0;uam... Show response
adservice.google.de/ddm/fls/i/ Frame 514B 194 B
303 B 130ms
122ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CKm1sLfRjoEDFc4NaAgdEAQDzA;src=11608044;type=pages;cat=allpa0;ord=7418633801039;auiddc=1515513406.1693750802;u1=undefined;u26=NULL;u8=en;u9=undefined;gtm=45fe38u0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;match_id=NULL;~oref=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKm1sLfRjoEDFc4NaAgdEAQDzA;src=11608044;type=pages;cat=allpa0;ord=7418633801039;auiddc=1515513406.1693750802;u1=undefined;u26=NULL;u8=en;u9=undefined;gtm=45fe38u0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;match_id=NULL;~oref=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 14:20:02 GMT
expires: Sun, 03 Sep 2023 14:20:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
287 B 191ms
191ms Fetch
application/json 35.162.1.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/assets/2018.db6e32a2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.162.1.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-162-1-143.us-west-2.compute.amazonaws.com

Software

Resource Hash

c8c84a7211c43d9897a2e542ab36e2d79c2a2521c5ffd96c6d2c2dec4ed586dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://my.exnessaffiliates.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 03 Sep 2023 14:20:03 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-64f49613-4d25aad60469595411293864
content-length: 94
access-control-allow-methods: GET, POST
content-type: application/json

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 557ms
178ms Preflight 35.162.1.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.162.1.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-162-1-143.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://my.exnessaffiliates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Sun, 03 Sep 2023 14:20:03 GMT
strict-transport-security: max-age=15768000

GET
H/1.1 200
OK vuzkOETMELUnAb_9 Show response
ex.exnessstats.com/ Frame 20DD 488 KB
91 KB 22ms
21ms Script
text/javascript 91.235.133.115
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ex.exnessstats.com/vuzkOETMELUnAb_9?5a6ffc258e8d7474=ZASFT9hiOTw5N0BwI9xoxmAVA3mTpTvIjRdoNrUlwK4-AM5ZxXuhENjzN6ANBewjbAMYEpH_EWFNKTCn4HgyQRUpjCepb85gCJkLWTOQHh666lsspLTfQQJPKAHNUwUuM7BuUsfyVWk0RmBKdG0znqITr1kpx751dxwCcolmEAesbUP_o1m_ST7DA-jPyE3t80r-nYDJbLeFKS9G&jb=3635242468736d7d3555696e64677771266a7b6d3f5f6b66666777712530303332246871603f416a706f6f6d2d303031313e

Requested by

Host: ex.exnessstats.com
URL: https://ex.exnessstats.com/mti3qrrxurlyuzre.js?729cdtrelmlwoivj=7hs48cp7&j9rjyn9x3745mic4=72f2b0f8-6ee0-4c5d-b39b-28d75b43ff6c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.115 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

a1d34b829da2b00b893e24d86c95c23259c7e414881f9cfb0842bac73ac39b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sun, 03 Sep 2023 14:20:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: f75f5a77670e48ea
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK HgAoHXEUf0ePc9nP
ex.exnessstats.com/ Frame 20DD 81 B
475 B 36ms
12ms Image
image/png 91.235.133.115
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ex.exnessstats.com/HgAoHXEUf0ePc9nP?22e90cdb3f2b34dd=Uk40WrW0Ts1UM19VZd8f1NlLGkkvF_5WkaBHTkXpomRGdWXI9Jvdu69x2Asnbd5kBa-TaEEkV1HOc4WbnVGAiIZFd6yU2SwJuSOdPwr9S_p-lcAioAdwn1OIogPMU6FPpVtKVZO4LA6YTO8xJ9rCHTjaF4JSt51ZPtKQtPo

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.115 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Sep 2023 14:20:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK X8irCHqU6nEfXAr6
ex.exnessstats.com/ Frame 20DD 81 B
475 B 37ms
13ms Image
image/png 91.235.133.115
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ex.exnessstats.com/X8irCHqU6nEfXAr6?f0fbfb2d60e84ff4=UF6dw8uGnBdZY9trC1_2ANNUio_DDDQDrpy-cIdvnWmgWU5-9S0oUDESDy4R2EIrAxCvrnRaW94SOvBYs-0jU-Fq8ZEdSAdUevcjSmp1tUuycT_eeUWkpLVY4hSc2YO7e43G9ZYSewr1mqEYt5rtgyG5wIa_M2a3AjYEb6o

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.115 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Sep 2023 14:20:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK eArNFK2C3Vw8WPMj Show response
ex.exnessstats.com/ Frame 92DA 19 KB
6 KB 17ms
17ms Document
text/html 91.235.133.115
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ex.exnessstats.com/eArNFK2C3Vw8WPMj?5c3c62cb1c77c059=FTXoZqN8qGCuIcpdFBWgUleJVvzBUg0qFQUSnAyu83tUi-BjPEsDcF69d5IJus8ys_IErFdDHG__HjxT0ohqU6o9GVfZrYG-s96BMpwZZR3nb4cnPnaPRF-73-XmGRv_LZgIMSzhoSx5ODKvyKL460LfbM0&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: ex.exnessstats.com
URL: https://ex.exnessstats.com/vuzkOETMELUnAb_9?5a6ffc258e8d7474=ZASFT9hiOTw5N0BwI9xoxmAVA3mTpTvIjRdoNrUlwK4-AM5ZxXuhENjzN6ANBewjbAMYEpH_EWFNKTCn4HgyQRUpjCepb85gCJkLWTOQHh666lsspLTfQQJPKAHNUwUuM7BuUsfyVWk0RmBKdG0znqITr1kpx751dxwCcolmEAesbUP_o1m_ST7DA-jPyE3t80r-nYDJbLeFKS9G&jb=3635242468736d7d3555696e64677771266a7b6d3f5f6b66666777712530303332246871603f416a706f6f6d2d303031313e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.115 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

16e229df00e3f177a71b62742865fe1ecbb881d37a106ecfdbe12779971ea768

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.exnessaffiliates.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Length: 5916
Content-Type: text/html;charset=UTF-8
Date: Sun, 03 Sep 2023 14:20:03 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
ex.exnessstats.com/fp/ Frame 20DD 81 B
539 B 41ms
13ms XHR
image/png 91.235.133.115
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ex.exnessstats.com/fp/clear.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.115 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 7hs48cp7/f75f5a77670e48ea72f2b0f8-6ee0-4c5d-b39b-28d75b43ff6c
Referer: https://my.exnessaffiliates.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sun, 03 Sep 2023 14:20:03 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 03 Sep 2023 14:20:03 GMT
Server: Apache
Etag: 5daaae4404fa43a1a1517180b094d1a0
Content-Type: image/png
Access-Control-Allow-Origin: https://my.exnessaffiliates.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Fri, 01 Sep 2028 14:20:03 GMT

GET
H/1.1

204
No Content

BPIxGOJ_8S3ouFi3 Show response
h.online-metrix.net/ Frame 20DD
Redirect Chain

https://h.online-metrix.net/BPIxGOJ_8S3ouFi3?ea5f844acd54848e=8k4RrPUtbaKMpmhZe0_j4ftkLx7i00GkbVFrZCAkfDE4RTbSXK7iyzPhA8uCqiuwGbRPcZUHOz-JNkTReT3dSJADOencFgkaRIGhzsFf5e1C99teLu0FEUi7VqTtlzTwJVaznM_...
https://h.online-metrix.net/BPIxGOJ_8S3ouFi3?7fbee7a7d5b54b1f=8k4RrPUtbaKMpmhZe0_j4ftkLx7i00GkbVFrZCAkfDE4RTbSXK7iyzPhA8uCqiuwGbRPcZUHOz-JNkTReT3dSJADOencFgkaRIGhzsFf5e1C99teLu0FEUi7VqTtlzTwJVaznC5...

0
387 B

13ms
12ms

Script
text/javascript

91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/BPIxGOJ_8S3ouFi3?7fbee7a7d5b54b1f=8k4RrPUtbaKMpmhZe0_j4ftkLx7i00GkbVFrZCAkfDE4RTbSXK7iyzPhA8uCqiuwGbRPcZUHOz-JNkTReT3dSJADOencFgkaRIGhzsFf5e1C99teLu0FEUi7VqTtlzTwJVaznC5aiX7jXkroUhsm9SASxL4&k=2

Protocol

HTTP/1.1

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Sep 2023 14:20:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sun, 03 Sep 2023 14:20:03 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/BPIxGOJ_8S3ouFi3?7fbee7a7d5b54b1f=8k4RrPUtbaKMpmhZe0_j4ftkLx7i00GkbVFrZCAkfDE4RTbSXK7iyzPhA8uCqiuwGbRPcZUHOz-JNkTReT3dSJADOencFgkaRIGhzsFf5e1C99teLu0FEUi7VqTtlzTwJVaznC5aiX7jXkroUhsm9SASxL4&k=2
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 0

GET
H/1.1 200
OK I-Vu9NvaU1peBCJW Show response
ex.exnessstats.com/ Frame 9699 90 KB
14 KB 18ms
18ms Document
text/html 91.235.133.115
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ex.exnessstats.com/I-Vu9NvaU1peBCJW?cc9ed9e571e9baed=axrVZsFLn3FkeeCF9vXdUSUtoCQsexej38qx846VyWStQz7kvtLyjFwVLD1JH6QD4JmbeJOy4Xw3Bk5KFzVa_VM-ZkUxgSSf9w6SOmNvizH4CYS03hF33bnRqh26OnHzcIf19_KQ1ohVkTWVqbVjsm3UTjnZK-3QL3eDEikdBdkF9yWpxblG7QGD01vBQsHcT0Jz5Pxq84otOyEovMc

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.115 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

7f93ec539ee90ebcfc516046dbca5b04b54f8a44a521e92350354ad165b074b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.exnessaffiliates.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sun, 03 Sep 2023 14:20:03 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content thGsl7YHI8jyq450 Show response
ex.exnessstats.com/ Frame 20DD 0
387 B 15ms
15ms Script
text/javascript 91.235.133.115
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.115 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Sep 2023 14:20:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK D35NPXpiUoiULwk3 Show response
h.online-metrix.net/ Frame EA7D 103 KB
15 KB 69ms
19ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/D35NPXpiUoiULwk3?ac731c004538243f=1eb2vRwKD_D919B4QNU8Lwt3brd5kBJ6ilKsfDux6FkKZxohO-pXXp8gbsPLQbT3tnizDcXl55qHd9fsDBU5N7My9jqRvT8lQetV6MlNLPcxR5skIvZA8R2NTn6Avzk_R_969ATINTgiboDBDEP0EY321AsK7qzOGgLfwTgL8YHA3y18-VxRvplcCQJqvKvOQo1nxPhcu-tP2XUjFxjY

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

91cb8b26076a54d1c0d4c9202aedb7b379ae4b423fc947106164df0f697c29e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.exnessaffiliates.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sun, 03 Sep 2023 14:20:03 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK eU0jBHTOkuZpB1a_ Show response
ex.exnessstats.com/ Frame E325 90 KB
13 KB 17ms
17ms Document
text/html 91.235.133.115
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ex.exnessstats.com/eU0jBHTOkuZpB1a_?108c8e549ad99d00=hoLKWVaTZeyHXFmxT_vVLavrd1FPR_lmwBUZ7zAS367nAL_NiQyrPvbaZhfjbKaAG_oPqSmYrj_W_9csxJ6E3IQotwnj58YbIVGdmKQvi3fmytN1-_gFdH6Jth5y8CErQOIaKOEXWZ16XS3e8k_YvG6XbjFvYIJ7FminAGzsnTgPunvuaZCgHzkjaSIGaj_ms9Cznnetyo5ZixyhtMTw

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.115 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

5266953d69b8cc8de012fdc0f6046bce0a21fa60f8b0d2c4fe0125623e9a734e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.exnessaffiliates.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sun, 03 Sep 2023 14:20:03 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 thGsl7YHI8jyq450 Show response
ex.exnessstats.com/ Frame 20DD 0
218 B 17ms
15ms Script
text/javascript 91.235.133.115
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ex.exnessstats.com/thGsl7YHI8jyq450?d4ba43e587af4bfb=sf27GlgoTuDF_KyUQkn_C4mM8sHimXYexb4mtAS-IGf1XtLFUEdBftttmcVD9GVYi28LcTaHlFrMDMWrPPUU3bWq6OHBPncJ7oxpuQZV7Zb_MmaWS9NQSQBo8AV5VlHJGwdzLtRYltsrVSSGo7O63_5l-KA&ja=333a3b37242661353e32267a3d3e3024663d393432387a393038302461643d333432327a3330323224737a7135327830266c70703d31243334383224333a30322c333632322e333032322e3334303224393030302c393632302c393032382e382e38267163663d3036246e6a3f6a76767273273b49273246253a466f792e6d7a6c6d717b636e666b6c6b617667712c616d6f2730446c6d6f616c2532462d33446f7261656b66273b462d323732446463716a606d637066273035304e2e6a683d653f333433323d64666b333d35383836376432316437613b3b64343b3638336d2e68736f3d5f696c646f7f71273a3239322e6a71623f436a706d6f6727303233333624627b6d753d57616e666f777b246c606135333a266c646f3d3a246c6f76723f3224767a66354d77726f706d253046426d706e616c2e6f69746a723f343232316633613060676130306d3e6163353638303a32616c33373d3638336e6436353a38333633663467636330366461313c636662643f32313133393b3469246c703568767472732731432730442730446f792c6d706c657373696664696c6163766d712661676d2732446c6d656b6c2730442731446f70616f6b6e25334c253035324e66637b6a6a6d697266253035304424723f726e77656b6e5d6e64637368253d4564616c7b6723786e7d65616e5d776b6e666d75715d6f67666b635f7264697b6572253d4564616c7b6723786e7d65616e5d61666f60675d6361706d60637625374d6e636c736529706e7567616c5d7977616163746b6d6725374764636e716723726e756561665d73686f6b6b7561766d27374d64696e7b6523706e75656b6c5d7067636e726e617b6d7a27354566696c716521786e776f6b665d7e6c615f726c637b677027374764636e736729786e756769665f666576696e747a273d476e616e736721726e77656b6c5d7174655f74616d756572253d4564616c7b6723786e7d65616e5d6a63766327374764636e716724676e576b3f7765626f6c5565624f4e273a32392c382530302a4f72676c454e27303247512530383a2c30253238436a726f656b77652b5f676a474e253030454e514e2730324751273232392632253230204f72656e4f4e273a324d512d3232474e534e2730324751273032332e322d3a32436872676d6b756d2155676a4961765f65604b6b74273032556760454e434c474e4d576b6e7374696e6165645763707a6371712d3340253030475a565d606e676c665d6d6b6665637825334a2530304550565d6b6d646d7a5f6075646667705d6a636e645d646e6f637c2d3142253238455a545f6e6e6d6976576064656c64273340273032475a565d64706165576c677074682d3340253238475a5c5d7b6a696467725d74677a767770675d6e6d6625314a2d303045585c5f7665787c77706d5d6b6d6570706571736b6d6c5d60727661273142273a384758545f7c657a74757a675d6b6d65727a6571736b6f6c5d706576612731402732324d50565f7465707477726557646b64766d7057616c69716f76706d726b612731402732324d50565f73524f422733422d303247475b5d6d6c676d676e765d6b6c66677a5d776b6e762d3b402532304745515f666a6d5d7a6766666d725d6d6b706f63722731402730324d4551577b76616e646972665f646d706b7e637c6b7e65712531422730324d47515d76677a74777a6d5d666c6f69742733422d303247475b5d7c657a747772675d646e6d63765d6e6b6e67697a273342253a304d455357766770767d706d5f6a616e665d646e6d6376273140273232474d515f74657074777265576a6364645764646f63745d6c6b6c6763702731402730304d4d5b5d7665727c657a5f617a7063715d676062656174273340273032554740454e5d636d6467705f62756e6667725f6e6e6d69762d314a253030554540454e5d616d6f72706773716d6c5d7465787c7570655f6971766b273b402d3232574742454e5d616d6f7270677173676c57766578747d72675f657c61273b402d3038574742454c5d616d6f727067717167645d7c6d7a7475726d5f6774633927314a273a325f4540474e5f616d6f727067717167665f766d707675726557733174632d31402d3038554d42454c5d636d6f727067717167665d7467707c7772655f7b3376635f7b70656a273b402d3232574742454e5d66676077655d70656c6c6d7065725f616e646f253b40273a325f474a474e5f666572766a5d76677a76777065273b4a273230574d42454c5f6c70637f5d6a776e66677271253140273032554740454e5f6e677b675f636f66746778742d31402d3038554d42454c5d6d776e766b5d667063753336246f645d683d336e663764666e36353c326c666b34323767363060673267353666303735363e39323464343a353b26776f6e743545676d6f6c672530304b6c612c2730322a456d6f65646d2b26776764723f414e4f4e472d30382a4f6f6d676e6527304127303254776e69616c2d3a32312e33263027323020517561647c5160616665702530324667746b61672730302a5b7d607a6572672927323020327a383238324b3046452b2927304127303251756b6474516069666572253a306672697e677021246b616c3d33&jb=333737246e713f456778696c6c69253046352632273a322055616e666f75732730324c5627303233322e322d3b402532305f696c36342d31402d30387a3e342b2530304372726e67556760496b74273a4e3733372e3b3627323020494a5c4f44273a432732326c6b6967273032456761696f2b2d3a32436872676d6725324e33333e2c382c3d3836352c313632273032516364637069273a4e3733372e3b36

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.115 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sun, 03 Sep 2023 14:20:03 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK qih26IJUEezwXC8i
7hs48cp7c3kkmdhmey24bsnymkcvv73xbhnx4lrjf75f5a77670e48eaam1.e.aa.online-metrix.net/ Frame 20DD 81 B
438 B 86ms
15ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://7hs48cp7c3kkmdhmey24bsnymkcvv73xbhnx4lrjf75f5a77670e48eaam1.e.aa.online-metrix.net/qih26IJUEezwXC8i?5fbcb2e55bc35447=OHmOq54WdKQe-ijL2QDvWzAlc6V0SFw9kx9e95OBD3mFuJGQGiXOVA35C2vHWBEFPrtwl2YzC308yMQ6E3RMpTS16SQzUaa7OOxEetZOR5JxYpNpAa-tTqxHwKU089Xez8jQ09vplxXb1lS-on6cTBY6-fM0sWzGIjyG

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Sep 2023 14:20:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK WEWueJR2QWkDXoPk Show response
ex.exnessstats.com/ Frame 92DA 209 KB
29 KB 23ms
23ms Script
text/javascript 91.235.133.115
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ex.exnessstats.com/WEWueJR2QWkDXoPk?f0af426cddf9fa37=MC8llIPp-v_zC9Gj-9JOmb22gAS_d6XNM5eaw6XiNiOnt0lRU4IcPu6GkjkrQdd4ghgNx1ch_MIrAGKSbCVngxWfNih-sJBvu09NrWKSQR9xKz2lTe9XcYuKTipT-XLUmGvyGy686OIjP80E19iOA1JCDw-Hi1Hk9HMKwQpU1koG

Requested by

Host: ex.exnessstats.com
URL: https://ex.exnessstats.com/eArNFK2C3Vw8WPMj?5c3c62cb1c77c059=FTXoZqN8qGCuIcpdFBWgUleJVvzBUg0qFQUSnAyu83tUi-BjPEsDcF69d5IJus8ys_IErFdDHG__HjxT0ohqU6o9GVfZrYG-s96BMpwZZR3nb4cnPnaPRF-73-XmGRv_LZgIMSzhoSx5ODKvyKL460LfbM0&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.115 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

65255a83e2c226cf99ce35693410e37d2b8eed060750fd0e7eca5923381bbe7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ex.exnessstats.com/eArNFK2C3Vw8WPMj?5c3c62cb1c77c059=FTXoZqN8qGCuIcpdFBWgUleJVvzBUg0qFQUSnAyu83tUi-BjPEsDcF69d5IJus8ys_IErFdDHG__HjxT0ohqU6o9GVfZrYG-s96BMpwZZR3nb4cnPnaPRF-73-XmGRv_LZgIMSzhoSx5ODKvyKL460LfbM0&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sun, 03 Sep 2023 14:20:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: f75f5a77670e48ea
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=98
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content Da1dRN8iY0ITPpjG Show response
ex.exnessstats.com/ Frame 9699 0
387 B 12ms
12ms Script
text/javascript 91.235.133.115
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ex.exnessstats.com/Da1dRN8iY0ITPpjG?e1b9e070d8222667=C5JRxeRNqMkBuiX0r3NO5MPQ_kctb-mE3wyYJXcBA-NX0vAGeQEzJ_0_NRe8POFlMGdN5k-mAWWQ9ITaBOSuYHwfK8KpG9D27uPAcK_4YE_Or0e24hSqhXhiOLVPKCFfTxcKkFLXWPTmbYHt-1LJHy_zafM&jf=3134246e71623f6d6a6062643930363061313a36366a6630333b39636663383735333464673b3b

Requested by

Host: ex.exnessstats.com
URL: https://ex.exnessstats.com/I-Vu9NvaU1peBCJW?cc9ed9e571e9baed=axrVZsFLn3FkeeCF9vXdUSUtoCQsexej38qx846VyWStQz7kvtLyjFwVLD1JH6QD4JmbeJOy4Xw3Bk5KFzVa_VM-ZkUxgSSf9w6SOmNvizH4CYS03hF33bnRqh26OnHzcIf19_KQ1ohVkTWVqbVjsm3UTjnZK-3QL3eDEikdBdkF9yWpxblG7QGD01vBQsHcT0Jz5Pxq84otOyEovMc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.115 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ex.exnessstats.com/I-Vu9NvaU1peBCJW?cc9ed9e571e9baed=axrVZsFLn3FkeeCF9vXdUSUtoCQsexej38qx846VyWStQz7kvtLyjFwVLD1JH6QD4JmbeJOy4Xw3Bk5KFzVa_VM-ZkUxgSSf9w6SOmNvizH4CYS03hF33bnRqh26OnHzcIf19_KQ1ohVkTWVqbVjsm3UTjnZK-3QL3eDEikdBdkF9yWpxblG7QGD01vBQsHcT0Jz5Pxq84otOyEovMc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Sep 2023 14:20:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 JY1qv0kaczkQaKrL Show response
ex.exnessstats.com/ Frame 20DD 0
218 B 13ms
13ms Script
text/javascript 91.235.133.115
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ex.exnessstats.com/JY1qv0kaczkQaKrL?0fe2f0667a38b129=7casQKhJohe9yh_5JN1QicD5dxQh6qKX_Ov41XcmLX_n3ODMhiv45trewO5hWqZ3cs4_FdUrSLUdhZyw67SEGSBEiPXNpO6u6DHltWG9xyPpxzxIWrUplY6lGwLT-rsjfyXCGHaHDAgiUstBNSN_GtSu4sdEmwQmXU-97GFCfg5v9Ju7xW5LtOLI3sjLV-nIyfOJvvB72vbWE3D-hPQ&je=3731242468616135392470676557757264617c673f2d354a273a32322530322731432735402730307465702d3a302533413b253544253f46

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.115 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sun, 03 Sep 2023 14:20:04 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
Content-Type: text/javascript;charset=UTF-8

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 177ms
177ms Preflight 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://my.exnessaffiliates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://my.exnessaffiliates.com
access-control-max-age: 1800
cache-control: no-store
date: Sun, 03 Sep 2023 14:20:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
x-amzn-trace-id: Root=1-64f49614-103abbb323746e2b3b0e2f27
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220052-FRA
x-timer: S1693750804.103775,VS0,VE171

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 171 B
190 B 189ms
188ms Fetch
application/json 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/assets/2018.db6e32a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

932da1a3b64751e9a2c8802fdd4545b3e1aa342894b5e1f8d2ae269bcca6ea08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.exnessaffiliates.com/
accept-language: de-DE,de;q=0.9
Authorization: Api-Key client-x8Di1VssCUU9ilq1hC11UqIzbd6sDwLw
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjEiLCJkZXZpY2VfaWQiOiI4ZGY4NzQxMS1kOTE5LTQxY2EtYjBkMC04ZDEwNGYxZmFhOGYiLCJ1c2VyX3Byb3BlcnRpZXMiOnsiTGFuZ3VhZ2UiOiJlbiIsInJld2FyZF9zY2hlbWFzIjpbXX19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 95
x-served-by: cache-fra-etou8220052-FRA
x-timer: S1693750804.281838,VS0,VE182
x-amzn-trace-id: Root=1-64f49614-368c80a710d3f6ae79b29215
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://my.exnessaffiliates.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 204
204 oPHcTncY-v69ATTe
ex.exnessstats.com/ Frame 20DD 0
400 B 16ms
16ms Image
image/png 91.235.133.115
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ex.exnessstats.com/oPHcTncY-v69ATTe?d23fec5e41868393=4RN-DY0rKK2FXsL4vJBbx13e63pVKY-SKA7E7MKVnAUFXfjK5wWEkM6Yw1rRhPYmVKtGq8XDusDrqCl3tIOTM2IvftXUC6dgWBoZ_mkj90asPVMq36ghL92FohX8Qg8Os4z3HiN6z8q_VFJaqBSEnjHEvx-3GWKIfaI-rFnfJkXjJz1wut0ui6QUaaxvOPmVuNccHlaXQbgjRQ9J5No&jf=36333a24716966577a6c643d746c725d6d526e73305b6e67413930544a526a7824716b665d666376673d333e3131373530303036267361665d7c7b78673577676238656166716324716b665d69657b353b323539333831313036383530693a3e363063673366303032333234323a30633a3636306b673364303b303330373831363a3238323c3032333a3231333b61663461603b363036696e603731306e323531363d363b3d34313b316631383131613430333734333230343264383e326361363c36363436696333313139336b32373067616032363a37666366323232323b30363635316c303a34666c646631676a343863643537643b606130663a66663536373a3c3a302673696c5f7169673531323c3438303a3132303a39613b603037323161636733603d3c3166376139343333663b6136313531673d396162616367323663303a67303b3731313c3f3b31333038313136623c366138303a333830633761633a63333166323266323538343b39313137643a373a6638306732386769646936356632616030353b343b33603560323b3a3e6038633538316638653d247161647a3f38

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.115 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Sep 2023 14:20:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 4_6-Au9ZDPLxl7nJ
h.online-metrix.net/ Frame EA7D 0
400 B 15ms
15ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/4_6-Au9ZDPLxl7nJ?346f90d8652732a1=WH9Xn3nhdcKGNS7fzzq2dLDITWWQ2f8sXOmZEGrqKY60zEOguVLFdnzu30VxK7pZ48JU-DgB9_G3LPOwRPb-0xwvJ3o0Wv3_-RflwxDPYJ0WfmDw03qqNAa6hAe3meVtnFTYMdlEin7e6N0zTyC3utd1wyCMlADeyk5HKnkx6MtmzDJCU0mttPVl0DhP1iFO-6UokFbbQHp9hc-gmyw&jf=36333a24716966577a6c643d746c725d77357b72343055714d6e6878564a663b24716b665d666376673d333e3131373530303036267361665d7c7b78673577676238656166716324716b665d69657b353b323539333831313036383530693a3e363063673366303032333234323a30633a3636306b673364303b303330373831363a3238323c37616563353b3436603737323737333836393e6037353939616665373c37303e3231673e6130356465353360636163313a673b3232383f663263663d643033633e303b3c3231366c31373435633432646460343334606766373f393b3431323038613561383466303738346a3033383a333433366034373764646132303b31302673696c5f7169673531323c3438303a3132303b376134333b64643764666462643c3a323763663d653b393539616039633c633063603561623032673735663661673336306b3c3a31326631346162373b306038303a333830663136313a31343335363337333437613f3d633636653c613634633b33376d303b323b64646361626061303a67633230663a313b3d38356530663d626634333e247161647a3f39

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/D35NPXpiUoiULwk3?ac731c004538243f=1eb2vRwKD_D919B4QNU8Lwt3brd5kBJ6ilKsfDux6FkKZxohO-pXXp8gbsPLQbT3tnizDcXl55qHd9fsDBU5N7My9jqRvT8lQetV6MlNLPcxR5skIvZA8R2NTn6Avzk_R_969ATINTgiboDBDEP0EY321AsK7qzOGgLfwTgL8YHA3y18-VxRvplcCQJqvKvOQo1nxPhcu-tP2XUjFxjY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Sep 2023 14:20:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content thGsl7YHI8jyq450 Show response
ex.exnessstats.com/ Frame 20DD 0
387 B 13ms
12ms Script
text/javascript 91.235.133.115
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.115 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Sep 2023 14:20:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK CdLIM7x7Bbce21xg Show response
ex.exnessstats.com/ Frame 92DA 35 B
557 B 16ms
15ms Script
text/javascript 91.235.133.115
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ex.exnessstats.com/CdLIM7x7Bbce21xg?fde30b624e6ec21f=nn_5TRjBDRARFpihdfwf7voccSP-0zggbr5lDB9YBN_EgPb6G-l7EvHeccW3poGI2miEIoHiWPwqv58bQQsXDRJT1PW8pnWk32KtTIXGmqslgBLzHDUh4Yah1m_RDQTEsHk1lzTXZb9LzHy_le7vSMNlyh0tnB2rheUXm53nxvxvdk6c390ztuu8KuRu5ST7B5aMvf6EzY2UxanlNMKHcCCfrFA&sera_parametere=AEcIBAdSBVVSUVFdBA1VU1FRDV4MVgUOUwRUBg1aU1QFAQNTBlQHBQRVCENHS1gICEdAEkZEBHMTAHJAA3xAU1ZdRgNZBFpSWENDQAd8QFYkBxBRcUQFB15YQxFHHVYlQwB3QwIlEVNfCgkDVQxUU1EOVF8EBFEHB1EFVQ0KV1UAAldVUQMBUVUCBVYHDFwEXwUTCFoPVFILUQdQUg0EVlEBAlZQVQ9SVxFaFgkIHVYFUwQEAlYBBFIDVFFVD1dXV1QCVQ0DBgEBAAdQAVsGVQACU1EBUg4RV14NVAUAU1hAXlxbGFARR18KCVwNAV1HDlwIQFdcdF9EWF0AEloTXFcGA0BXDkQKYV5eAVtPFkcFVQgSURtoVFdbXAdVWw5HA0MIXgA%3D&count=0&max=0

Requested by

Host: ex.exnessstats.com
URL: https://ex.exnessstats.com/WEWueJR2QWkDXoPk?f0af426cddf9fa37=MC8llIPp-v_zC9Gj-9JOmb22gAS_d6XNM5eaw6XiNiOnt0lRU4IcPu6GkjkrQdd4ghgNx1ch_MIrAGKSbCVngxWfNih-sJBvu09NrWKSQR9xKz2lTe9XcYuKTipT-XLUmGvyGy686OIjP80E19iOA1JCDw-Hi1Hk9HMKwQpU1koG

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.115 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

84871ce997e0bc537541de7a23bffae31dbe72b496e6a7d48c3a077b20d1c9fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ex.exnessstats.com/eArNFK2C3Vw8WPMj?5c3c62cb1c77c059=FTXoZqN8qGCuIcpdFBWgUleJVvzBUg0qFQUSnAyu83tUi-BjPEsDcF69d5IJus8ys_IErFdDHG__HjxT0ohqU6o9GVfZrYG-s96BMpwZZR3nb4cnPnaPRF-73-XmGRv_LZgIMSzhoSx5ODKvyKL460LfbM0&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Sep 2023 14:20:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 93 B
286 B 2584ms
2583ms Fetch
application/json 35.162.1.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: my.exnessaffiliates.com
URL: https://my.exnessaffiliates.com/assets/2018.db6e32a2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.162.1.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-162-1-143.us-west-2.compute.amazonaws.com

Software

Resource Hash

bb70a47c2ef8b7fa7d4fdec1097fa4007c5f8f22b02e383fd096951e0b3cc719

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://my.exnessaffiliates.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 03 Sep 2023 14:20:05 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-64f49615-5b78ded1121c5ca644cd9ebc
content-length: 93
access-control-allow-methods: GET, POST
content-type: application/json

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 180ms
179ms Preflight 35.162.1.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.162.1.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-162-1-143.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://my.exnessaffiliates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Sun, 03 Sep 2023 14:20:05 GMT
strict-transport-security: max-age=15768000

GET
H3 200 collect Show response
gtm-n24g3w7-otgwz.uc.r.appspot.com/g/ 375 B
351 B 455ms
454ms XHR
text/plain 2a00:1450:4001:80e::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm-n24g3w7-otgwz.uc.r.appspot.com/g/collect?v=2&tid=G-M71C3QBXSG&gtm=45je38u0&_p=273731415&cid=1706399507.1693750802&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&_s=3&sid=1693750802&sct=1&seg=0&dl=https%3A%2F%2Fmy.exnessaffiliates.com%2Flogin%2F%3Forigin%3D%252Fdashboard%252F&dt=Log%20In%20-%20Exness&en=fetch_user_data&ep.userId=NULL&ep.session_id_custom=1693750802&_et=55&up.client_id_custom=1706399507.1693750802.&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M71C3QBXSG&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

7da95e85e7fd90faaba7b3a71f5b539399d818711fdc5a137f3cf0406eac226b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 14:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://my.exnessaffiliates.com
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 204 collect
region1.analytics.google.com/g/s/ 0
17 B 19ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/s/collect?_gsid=M71C3QBXSGg1skhvHcWepinZu4gZsJ6Q
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M71C3QBXSG&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Sep 2023 14:20:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.exnessaffiliates.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 46ms
45ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M71C3QBXSG&cid=1706399507.1693750802&gtm=45j91e38u1&aip=1&z=1564379016

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.exnessaffiliates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Sep 2023 14:20:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
my.exnessaffiliates.com/	1970-01-21 00:05:10	Name: lang Value: en
.exnessaffiliates.com/	1969-12-31 23:59:59	Name: nlbi_1690367 Value: QtOZGx5wsjnoaeHPrs2TawAAAABErHlVVlVRCe1ykLihrFxR
.exnessaffiliates.com/	1970-01-20 23:13:48	Name: visid_incap_1690367 Value: ldeQAPF4R4KC4p4rTBLKGA+W9GQAAAAAQUIPAAAAAABnF/2cC1JogAQpDaD6MrQN
.exnessaffiliates.com/	1969-12-31 23:59:59	Name: incap_ses_536_1690367 Value: eCOiG1xeUi4SneXJJkJwBw+W9GQAAAAAukLQ8tlDiJrOB5tCTo2AfQ==
my.exnessaffiliates.com/	1969-12-31 23:59:59	Name: country Value: DE
my.exnessaffiliates.com/	1969-12-31 23:59:59	Name: exnessstats_id Value: 72f2b0f8-6ee0-4c5d-b39b-28d75b43ff6c
ex.exnessstats.com/	1970-01-21 00:05:10	Name: thx_guid Value: 3e390f7d624967988a9ac1aae538c966
.exnessaffiliates.com/	1970-01-20 16:38:46	Name: _gcl_au Value: 1.1.1515513406.1693750802
.exnessaffiliates.com/	1970-01-21 00:05:10	Name: _ga Value: GA1.2.1706399507.1693750802
.exnessaffiliates.com/	1970-01-20 14:30:37	Name: _gid Value: GA1.2.770966428.1693750802
.exnessaffiliates.com/	1970-01-20 14:29:10	Name: _dc_gtm_UA-8651572-1 Value: 1
.exnessaffiliates.com/	1970-01-20 14:29:10	Name: _dc_gtm_UA-106146448-1 Value: 1
.exnessaffiliates.com/	1970-01-21 00:05:10	Name: _ga_M71C3QBXSG Value: GS1.1.1693750802.1.0.1693750802.0.0.0
.t.co/	1970-01-21 00:05:10	Name: muc_ads Value: b9b76726-2c5a-4615-b19d-df8550627cb0
my.exnessaffiliates.com/	1970-01-20 14:30:37	Name: ln_or Value: eyI1MjU0MTk0IjoiZCJ9
.twitter.com/	1970-01-21 00:05:10	Name: guest_id_marketing Value: v1%3A169375080250833942
.twitter.com/	1970-01-21 00:05:10	Name: guest_id_ads Value: v1%3A169375080250833942
.twitter.com/	1970-01-21 00:05:10	Name: personalization_id Value: "v1_KcyV8Jz8Me1LQ6JEkeE1vA=="
.twitter.com/	1970-01-21 00:05:10	Name: guest_id Value: v1%3A169375080250833942
.linkedin.com/	1970-01-20 16:38:46	Name: li_sugr Value: 2190d373-c7ac-4526-8cbb-5e9afcf956e8
.linkedin.com/	1970-01-20 23:14:46	Name: bcookie Value: "v=2&897ecf3d-f4fe-4a43-829a-66200cda77f4"
.linkedin.com/	1970-01-20 14:30:37	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2647:u=1:x=1:i=1693750802:t=1693837202:v=2:sig=AQE3lrOpxJtfEyyPzG98kHp8QYSY1Kcd"
.linkedin.com/	1970-01-20 15:12:22	Name: UserMatchHistory Value: AQKgqzY-6XC5IAAAAYpbajkjg4Jk6E4_w4y-ZppuwXTeltT-dwySIPS4Ky5TPA3GwX04vD4UbZHmWA
.linkedin.com/	1970-01-20 15:12:22	Name: AnalyticsSyncHistory Value: AQI5F1ZJ-8u5ogAAAYpbajkjWoSEkY3XW7mjc1vaDHSyM1FcjoU9gFpal8f9ZFwMccGdEmrS2n7xe_knTkn_XQ
.www.linkedin.com/	1970-01-20 23:14:46	Name: bscookie Value: "v=1&20230903142002e4ff5bfa-8d04-49d1-82bc-cd9a727ed47eAQGMvdI00TVOPK90CHWPehVLpaXGNf5w"
.linkedin.com/	1970-01-20 18:48:22	Name: li_gc Value: MTswOzE2OTM3NTA4MDI7MjswMjECgV5mzRJUqS7qR/Yyb8DHYduGp1K5aX+b5qCj5PYGuA==
.doubleclick.net/	1970-01-20 23:50:46	Name: IDE Value: AHWqTUneEbCjYOJLvAtBLn3wcG6_rF8r8cN4rupVMf3Szgi8XGPSe6_Wpoutaj6L
h.online-metrix.net/	1970-01-21 00:05:10	Name: thx_global_guid Value: 888dfe70065d4d4fb34b1d8d0aaf552e
.exnessaffiliates.com/	1970-01-20 23:14:46	Name: AMP_MKTG_4a40022631 Value: JTdCJTdE
.exnessaffiliates.com/	1970-01-20 23:14:46	Name: AMP_4a40022631 Value: JTdCJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJkZXZpY2VJZCUyMiUzQSUyMjhkZjg3NDExLWQ5MTktNDFjYS1iMGQwLThkMTA0ZjFmYWE4ZiUyMiUyQyUyMmxhc3RFdmVudFRpbWUlMjIlM0ExNjkzNzUwODA0MTAzJTJDJTIyc2Vzc2lvbklkJTIyJTNBMTY5Mzc1MDgwMjAzNiU3RA==

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://ex.exnessstats.com/vuzkOETMELUnAb_9?5a6ffc258e8d7474=ZASFT9hiOTw5N0BwI9xoxmAVA3mTpTvIjRdoNrUlwK4-AM5ZxXuhENjzN6ANBewjbAMYEpH_EWFNKTCn4HgyQRUpjCepb85gCJkLWTOQHh666lsspLTfQQJPKAHNUwUuM7BuUsfyVWk0RmBKdG0znqITr1kpx751dxwCcolmEAesbUP_o1m_ST7DA-jPyE3t80r-nYDJbLeFKS9G&jb=3635242468736d7d3555696e64677771266a7b6d3f5f6b66666777712530303332246871603f416a706f6f6d2d303031313e(Line 1128) Message: Refused to create a worker from 'blob:https://my.exnessaffiliates.com/1a4d9b3e-3bea-4002-b282-e7abef499b32' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https:". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
network	warning	URL: https://ex.exnessstats.com/vuzkOETMELUnAb_9?5a6ffc258e8d7474=ZASFT9hiOTw5N0BwI9xoxmAVA3mTpTvIjRdoNrUlwK4-AM5ZxXuhENjzN6ANBewjbAMYEpH_EWFNKTCn4HgyQRUpjCepb85gCJkLWTOQHh666lsspLTfQQJPKAHNUwUuM7BuUsfyVWk0RmBKdG0znqITr1kpx751dxwCcolmEAesbUP_o1m_ST7DA-jPyE3t80r-nYDJbLeFKS9G&jb=3635242468736d7d3555696e64677771266a7b6d3f5f6b66666777712530303332246871603f416a706f6f6d2d303031313e(Line 1058) Message: WebSocket connection to 'wss://127.0.0.1:63333/' failed: WebSocket is closed before the connection is established.
network	warning	URL: https://ex.exnessstats.com/vuzkOETMELUnAb_9?5a6ffc258e8d7474=ZASFT9hiOTw5N0BwI9xoxmAVA3mTpTvIjRdoNrUlwK4-AM5ZxXuhENjzN6ANBewjbAMYEpH_EWFNKTCn4HgyQRUpjCepb85gCJkLWTOQHh666lsspLTfQQJPKAHNUwUuM7BuUsfyVWk0RmBKdG0znqITr1kpx751dxwCcolmEAesbUP_o1m_ST7DA-jPyE3t80r-nYDJbLeFKS9G&jb=3635242468736d7d3555696e64677771266a7b6d3f5f6b66666777712530303332246871603f416a706f6f6d2d303031313e(Line 1058) Message: WebSocket connection to 'wss://127.0.0.1:5900/' failed: WebSocket is closed before the connection is established.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' default-src 'self' data: .exaffiliates.com .exaffiliate.com .xsaffiliates.com .xsaffiliate.com .exsaffiliates.com .exsaffiliate.com .exspartners.com .xsspartners.com .xsspartner.com .xssaffiliates.com .xssaffiliate.com .exness.com .exness-168.com .exness-888.com .exness888.com .exness.asia .exness.direct .exness.markets .exness.global .exness.broker .exness.trade .exnessaffiliates.com .exnessaffiliates.asia .exnessaffiliates.co.id .exnessaffiliates.markets .webvisor.com .google.com storage.googleapis.com google-analytics.com .zopim.com .surveymonkey.com fonts.googleapis.com tagmanager.google.com .exness.net .dev.env .test.env .blackswanmarkets.com .wlbrokers.com; frame-src ; script-src 'self' 'unsafe-inline' https:; style-src 'self' tagmanager.google.com fonts.googleapis.com myexness.force.com data: 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' .exness.net .dev.env .test.env .prod.env .blackswanmarkets.com .wlbrokers.com .exnessaffiliates.com .exnessaffiliates.asia .exnessaffiliates.co.id .exnessaffiliates.markets .webvisor.com .zopim.com .surveymonkey.com *.exness-id.asia fonts.googleapis.com tagmanager.google.com https: wss:
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11608044.fls.doubleclick.net
7hs48cp7c3kkmdhmey24bsnymkcvv73xbhnx4lrjf75f5a77670e48eaam1.e.aa.online-metrix.net
adservice.google.com
adservice.google.de
analytics.twitter.com
api.lab.amplitude.com
api2.amplitude.com
cdn.linkedin.oribi.io
ex.exnessstats.com
exness.my.salesforce-scrt.com
googleads.g.doubleclick.net
gtm-n24g3w7-otgwz.uc.r.appspot.com
h.online-metrix.net
my.exnessaffiliates.com
myexness.force.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
104.244.42.133
104.244.42.3
107.154.192.37
13.107.42.14
142.250.186.166
146.75.120.157
151.101.2.132
161.71.0.38
2001:4860:4802:32::36
2600:9000:20eb:1a00:2:53b2:240:93a1
2620:1ec:21::14
2a00:1450:4001:806::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::2014
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:400c:c00::9c
2a02:26f0:3500:16::215:149b
35.162.1.143
52.47.42.134
91.235.132.130
91.235.133.115
91.235.134.131
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0c5f83e822475c324a27f964f4780cf1573219a02b86c6b0276f88042988336a
16e229df00e3f177a71b62742865fe1ecbb881d37a106ecfdbe12779971ea768
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
292f853f9ef0e448c5536987fe87197f401bafcde3e0857e17de1f0676f5b2eb
4cf82e838cdbab7b385738465c38272c0e3533166ce73d0590074fc4078b21b8
4ff1e99fb4eab3684a236b78837645b5f708ecfe05d865ae764c618f6a4b7a81
5266953d69b8cc8de012fdc0f6046bce0a21fa60f8b0d2c4fe0125623e9a734e
5a6c04cd52ba8525f8cf32555418fe29acc457fdf1492da0793e836d5c2609db
65255a83e2c226cf99ce35693410e37d2b8eed060750fd0e7eca5923381bbe7a
671bbee821b27d77d46280e9465e75b583d75037880092fea68ffab9473cb18b
6931f97a7d1893756bfbe0064556ebae7ad400774b195dc70750cf20ec295415
73cc1242bb78110a16113a8ed65da47afd17f1baa6628e1648c47d0c8eecde21
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7da95e85e7fd90faaba7b3a71f5b539399d818711fdc5a137f3cf0406eac226b
7f93ec539ee90ebcfc516046dbca5b04b54f8a44a521e92350354ad165b074b1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8443fdedee3a6bfa5c4f972e32bbcad649a235848d4d3d5693aecd8633a229af
84871ce997e0bc537541de7a23bffae31dbe72b496e6a7d48c3a077b20d1c9fc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8758ab3e081f251ad9f21d85d24719082e331af8ddf27c97d6af6ccca3cb715b
89b395e3a4ca058c114dbef0c44e976a331e6c0d998de0a9d03378032a0661c4
9014891452f382c42135bd634acafda83d338bc39cb3e27d6b9aa8b9c5e47da6
9033c04857874a96c138464ab8d2e30a71a820e1d685b0791980f9a4d77ebd52
91cb8b26076a54d1c0d4c9202aedb7b379ae4b423fc947106164df0f697c29e3
932da1a3b64751e9a2c8802fdd4545b3e1aa342894b5e1f8d2ae269bcca6ea08
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
a1d34b829da2b00b893e24d86c95c23259c7e414881f9cfb0842bac73ac39b3b
a4cdf85f0a0e755340bf0679c2c102131c41ebfc1d71c0cd79ef7ef2d7aa782b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af5f59b63f300023b0d0f451d876715cbd56552cd94a8b0c74ece056ad4cdcd5
b1efa3519d6141d90533ff440621ae5fb8a558bb28f66248006c66e4fb0fc420
bb70a47c2ef8b7fa7d4fdec1097fa4007c5f8f22b02e383fd096951e0b3cc719
c2302bba8ff636bc8a07a491a6551eb36982dc7df14e17beee7536a080e0687d
c8c84a7211c43d9897a2e542ab36e2d79c2a2521c5ffd96c6d2c2dec4ed586dd
cd4e575df887fbe1b8a56932d6443b7f35dabda4a0536be1e93f5a9daab763f1
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e06a50f7e0619a97880f6e967f293ff3a5d3460cd509ff678292bbec261b2134
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6526f69a69926e4c106c7878d7d3aa2a80ccfdc4a81ecdc8559cc38ebdcb8e5
f80252a515c7b3a9cfa203bf5b9928973cfdff48d285cecea35778cde8b25251
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

my.exnessaffiliates.com Open in urlscan Pro 107.154.192.37 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

95 %HTTPS

48 %IPv6

18 Domains

27 Subdomains

23 IPs

5 Countries

1691 kBTransfer

6572 kBSize

30 Cookies

6 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

my.exnessaffiliates.com Open in urlscan Pro
107.154.192.37 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

95 %
HTTPS

48 %
IPv6

18
Domains

27
Subdomains

23
IPs

5
Countries

1691 kB
Transfer

6572 kB
Size

30
Cookies

80 HTTP transactions
0 data transactions