login-gm.atfx.com Open in urlscan Pro
2a02:26f0:3500:14::1724:a24b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://login-gm.atfx.com/login?lang=en
Submission: On February 13 via manual (February 13th 2023, 4:58:56 am UTC) from TW — Scanned from DE

Summary HTTP 249 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 53 IPs in 10 countries across 43 domains to perform 249 HTTP transactions. The main IP is 2a02:26f0:3500:14::1724:a24b, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is login-gm.atfx.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 2nd 2022. Valid for: a year.

This is the only time login-gm.atfx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	2a02:26f0:350... 2a02:26f0:3500:14::1724:a24b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	65.9.86.77 65.9.86.77	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:350... 2a02:26f0:3500:592::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2a00:1450:400... 2a00:1450:400d:80e::2008	15169 (GOOGLE) (GOOGLE)
10	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
6	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:dc:... 2a02:26f0:dc:394::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.213.167.16 52.213.167.16	16509 (AMAZON-02) (AMAZON-02)
1	34.240.171.169 34.240.171.169	16509 (AMAZON-02) (AMAZON-02)
1 1	54.229.62.148 54.229.62.148	16509 (AMAZON-02) (AMAZON-02)
28	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2 4	142.251.39.6 142.251.39.6	15169 (GOOGLE) (GOOGLE)
6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:11a... 2a02:26f0:11a::6867:4832	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2 6	2600:9000:20e... 2600:9000:20eb:9200:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
24	95.101.75.139 95.101.75.139	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
2	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	2600:9000:20e... 2600:9000:20eb:ac00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
8 8	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	142.251.39.34 142.251.39.34	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a05:d018:cc3... 2a05:d018:cc3:fe04:6457:e8bb:899e:1869	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2	2606:4700::68... 2606:4700::6811:71b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:e8cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2606:4700:20:... 2606:4700:20::681a:82c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:14::1724:a258	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2.19.126.212 2.19.126.212	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.37.25.97 13.37.25.97	16509 (AMAZON-02) (AMAZON-02)
2	46.137.244.140 46.137.244.140	() ()
249	53

45 2a02:26f0:3500:14::1724:a24b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

login-gm.atfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.86.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-77.ams1.r.cloudfront.net

master.d10i7a7v1hjb2v.amplifyapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:592::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd326.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:dc:394::11a6 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.167.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-167-16.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.240.171.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-171-169.eu-west-1.compute.amazonaws.com

atsolution.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.62.148 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-62-148.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.39.6 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f6.1e100.net

10352767.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:11a::6867:4832 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:20eb:9200:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 95.101.75.139 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-75-139.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:ac00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.66.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.39.34 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:cc3:fe04:6457:e8bb:899e:1869 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:71b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:e8cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.52 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:82c (United States)

ASN13335 (CLOUDFLARENET, US)

ipapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:14::1724:a258 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

at-client-portal-api.atfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.126.212 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-212.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xhkzxjiccn7niy7jyoea-pmtewj-b3b9a218d-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fibrwiaaa3ybckqce3ydkaaaczr6tq4i-pmtewj-029f0bcbb-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.37.25.97 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

atfx.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.137.244.140 (None, )

ASN- ()

prod.api.recur-omni.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	atfx.com login-gm.atfx.com at-client-portal-api.atfx.com	4 MB
28	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 24	41 KB
24	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 780	217 KB
16	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 10352767.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	8 KB
13	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4545 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	2 KB
12	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	832 KB
10	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8502	48 KB
9	google.de www.google.de — Cisco Umbrella Rank: 6186	1 KB
9	everesttech.net 9 redirects cm.everesttech.net — Cisco Umbrella Rank: 1049 sync-tm.everesttech.net — Cisco Umbrella Rank: 583	2 KB
8	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 2424 d.adroll.com — Cisco Umbrella Rank: 1494	46 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 371 www.linkedin.com — Cisco Umbrella Rank: 588 px4.ads.linkedin.com — Cisco Umbrella Rank: 6404	3 KB
6	bing.com bat.bing.com — Cisco Umbrella Rank: 370	24 KB
6	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 483	123 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	914 B
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 2122 xhkzxjiccn7niy7jyoea-pmtewj-b3b9a218d-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 2121 fibrwiaaa3ybckqce3ydkaaaczr6tq4i-pmtewj-029f0bcbb-clienttons-s.akamaihd.net	1 KB
4	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2164 forms.hubspot.com — Cisco Umbrella Rank: 2968	3 KB
4	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 12263	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	272 KB
4	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1300 c.go-mpulse.net — Cisco Umbrella Rank: 621	103 KB
4	unpkg.com unpkg.com — Cisco Umbrella Rank: 768	315 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 206 atsolution.demdex.net	6 KB
2	recur-omni.io prod.api.recur-omni.io	5 KB
2	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3308	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 731	1 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 209	2 KB
2	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 1983	41 KB
2	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 1987	39 KB
2	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4049	173 KB
2	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 2969	6 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 532	1 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 612	511 B
2	t.co t.co — Cisco Umbrella Rank: 512	494 B
2	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2097	2 KB
2	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 599	30 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 699	10 KB
2	amplifyapp.com master.d10i7a7v1hjb2v.amplifyapp.com	382 KB
1	omtrdc.net atfx.sc.omtrdc.net	345 B
1	akstat.io 684dd326.akstat.io — Cisco Umbrella Rank: 45577	203 B
1	ipapi.co ipapi.co — Cisco Umbrella Rank: 17220	895 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 881	453 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 432	273 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 323	239 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 821	376 B
249	43

	Domain	Requested by
45	login-gm.atfx.com	login-gm.atfx.com
28	www.google-analytics.com	www.googletagmanager.com login-gm.atfx.com
24	analytics.tiktok.com	login-gm.atfx.com analytics.tiktok.com
12	www.googletagmanager.com	login-gm.atfx.com www.googletagmanager.com js.hsadspixel.net
10	hm.baidu.com	login-gm.atfx.com
9	www.google.de	login-gm.atfx.com
8	sync-tm.everesttech.net	8 redirects
7	www.google.com	login-gm.atfx.com
6	s.adroll.com	2 redirects login-gm.atfx.com
6	bat.bing.com	www.googletagmanager.com bat.bing.com login-gm.atfx.com
6	googleads.g.doubleclick.net	www.googletagmanager.com
6	assets.adobedtm.com	login-gm.atfx.com assets.adobedtm.com
5	www.facebook.com	login-gm.atfx.com
5	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	region1.analytics.google.com	www.googletagmanager.com
4	my.rtmark.net	www.googletagmanager.com login-gm.atfx.com
4	connect.facebook.net	login-gm.atfx.com connect.facebook.net
4	10352767.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	unpkg.com	login-gm.atfx.com
3	px.ads.linkedin.com	3 redirects
2	prod.api.recur-omni.io	master.d10i7a7v1hjb2v.amplifyapp.com
2	forms.hubspot.com	js.hsleadflows.net
2	track.hubspot.com
2	api.hubapi.com	js.hsadspixel.net
2	sync.search.spotxchange.com	1 redirects login-gm.atfx.com
2	ib.adnxs.com	1 redirects login-gm.atfx.com
2	js.hs-analytics.net	js.hs-scripts.com
2	js.hs-banner.com	js.hs-scripts.com
2	js.hsleadflows.net	js.hs-scripts.com
2	js.hsadspixel.net	js.hs-scripts.com
2	dsum-sec.casalemedia.com	1 redirects login-gm.atfx.com
2	adservice.google.com	10352767.fls.doubleclick.net
2	d.adroll.com	s.adroll.com
2	px4.ads.linkedin.com	login-gm.atfx.com
2	analytics.twitter.com	login-gm.atfx.com
2	t.co	login-gm.atfx.com
2	js.hs-scripts.com	www.googletagmanager.com
2	static.ads-twitter.com	www.googletagmanager.com
2	snap.licdn.com	www.googletagmanager.com
2	dpm.demdex.net	assets.adobedtm.com login-gm.atfx.com
2	c.go-mpulse.net	s.go-mpulse.net
2	s.go-mpulse.net	login-gm.atfx.com
2	master.d10i7a7v1hjb2v.amplifyapp.com	login-gm.atfx.com
1	atfx.sc.omtrdc.net
1	684dd326.akstat.io	s.go-mpulse.net
1	fibrwiaaa3ybckqce3ydkaaaczr6tq4i-pmtewj-029f0bcbb-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	xhkzxjiccn7niy7jyoea-pmtewj-b3b9a218d-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	at-client-portal-api.atfx.com	login-gm.atfx.com
1	ipapi.co	login-gm.atfx.com
1	image2.pubmatic.com	login-gm.atfx.com
1	us-u.openx.net	login-gm.atfx.com
1	pixel.rubiconproject.com	login-gm.atfx.com
1	cm.g.doubleclick.net	login-gm.atfx.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	cm.everesttech.net	1 redirects
1	atsolution.demdex.net	assets.adobedtm.com
249	59

This site contains links to these domains. Also see Links.

Domain
apply-uk.atfx.com
f.hubspotusercontent10.net

Subject Issuer	Validity	Valid
*.atfx.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-02` - `2023-08-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-01` - `2023-06-01`	a year	crt.sh
*.d10i7a7v1hjb2v.amplifyapp.com Amazon	`2022-09-01` - `2023-09-29`	a year	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-22` - `2023-02-20`	3 months	crt.sh
rtmark.net R3	`2022-11-24` - `2023-02-22`	3 months	crt.sh
s.adroll.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2022-12-15` - `2024-01-15`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
prod.api.recur-omni.io Amazon RSA 2048 M02	`2023-02-03` - `2023-12-24`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://login-gm.atfx.com/login?lang=en
Frame ID: 09E24333464A453C94F50BD9D1CB5E6D
Requests: 231 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/V2UHH-T34F7-YEC6S-FU52F-HJLLF
Frame ID: B7B5FF5852A87576FFBBB58A23279FE3
Requests: 2 HTTP requests in this frame

Frame: https://atsolution.demdex.net/dest5.html?d_nsid=0
Frame ID: A69442A70E2483755515D5030E883A95
Requests: 9 HTTP requests in this frame

Frame: https://10352767.fls.doubleclick.net/activityi;dc_pre=CMW37Jzbkf0CFZEkBgAd7pgB0A;src=10352767;type=homevist;cat=atfxc0;ord=6305954297654;gtm=45He3280;auiddc=2091697523.1676264324;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den
Frame ID: 1AB8F9B08CE653E9EBF8859BC7736A59
Requests: 2 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/V2UHH-T34F7-YEC6S-FU52F-HJLLF
Frame ID: EFC474D7002EEAAED9E03B983D4405C1
Requests: 4 HTTP requests in this frame

Frame: https://10352767.fls.doubleclick.net/activityi;dc_pre=CKnNj57bkf0CFeagUQodKgEBcQ;src=10352767;type=homevist;cat=atfxc0;ord=3045302000830;gtm=45He3280;auiddc=2091697523.1676264324;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den
Frame ID: 8A683EEC30CB3025A633514066D3304D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ATFX Client Portal

Page URL History Show full URLs

https://login-gm.atfx.com/login?lang=en Page URL
https://login-gm.atfx.com/login?lang=en Page URL

Detected technologies

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

vue[.-]([\d.]*\d)[^/]*\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

249
Requests

90 %
HTTPS

58 %
IPv6

43
Domains

59
Subdomains

53
IPs

10
Countries

6406 kB
Transfer

22189 kB
Size

50
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://apply-uk.atfx.com/
Title: (https://apply-uk.atfx.com/)

Search URL Search Domain Scan URL

URL: https://f.hubspotusercontent10.net/hubfs/6693213/ATFX%20Legal%20Documents%202020%20(All%20Entities)/ATFX%20GM%20Legal%20Documents%202020/ATFX%20GM%20Standard%20Terms%20of%20Business%20EN%20-%20V20200605.pdf
Title: Risk Disclosure Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://login-gm.atfx.com/login?lang=en Page URL
https://login-gm.atfx.com/login?lang=en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://cm.everesttech.net/cm/dd?d_uuid=36901671544828242333437429018048927478 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_nDhAAAAEnEVQOV

Request Chain 34

https://10352767.fls.doubleclick.net/activityi;src=10352767;type=homevist;cat=atfxc0;ord=6305954297654;gtm=45He3280;auiddc=2091697523.1676264324;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den HTTP 302
https://10352767.fls.doubleclick.net/activityi;dc_pre=CMW37Jzbkf0CFZEkBgAd7pgB0A;src=10352767;type=homevist;cat=atfxc0;ord=6305954297654;gtm=45He3280;auiddc=2091697523.1676264324;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den

Request Chain 48

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1676264324284&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3690196%26time%3D1676264324284%26url%3Dhttps%253A%252F%252Flogin-gm.atfx.com%252Flogin%253Flang%253Den%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1676264324284&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1676264324284&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&liSync=true&e_ipv6=AQKI9FqNA5x1hwAAAYZJI78IfLvZmHnCs0VyQuUXvWnE1yDT8cmptau8gXpvbwZN5LGmCMV_

Request Chain 58

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WV9uRGhBQUFBRW5FVlFPVg==

Request Chain 59

https://s.adroll.com/j/exp/UVYGNOCARNBIDOW25C5BBP/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 62

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y_nDhAAAAEnEVQOV&expires=90

Request Chain 70

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_nDhAAAAEnEVQOV HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_nDhAAAAEnEVQOV&C=1

Request Chain 76

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=Y_nDhAAAAEnEVQOV HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DY_nDhAAAAEnEVQOV

Request Chain 86

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y_nDhAAAAEnEVQOV

Request Chain 89

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y_nDhAAAAEnEVQOV

Request Chain 90

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y_nDhAAAAEnEVQOV&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y_nDhAAAAEnEVQOV&img=1&__user_check__=1&sync_id=17f83e58-ab5b-11ed-9028-1bce7de30506

Request Chain 91

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y_nDhAAAAEnEVQOV&t=2592000&o=0

Request Chain 160

https://10352767.fls.doubleclick.net/activityi;src=10352767;type=homevist;cat=atfxc0;ord=3045302000830;gtm=45He3280;auiddc=2091697523.1676264324;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den HTTP 302
https://10352767.fls.doubleclick.net/activityi;dc_pre=CKnNj57bkf0CFeagUQodKgEBcQ;src=10352767;type=homevist;cat=atfxc0;ord=3045302000830;gtm=45He3280;auiddc=2091697523.1676264324;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den

Request Chain 172

https://s.adroll.com/j/exp/UVYGNOCARNBIDOW25C5BBP/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 178

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1676264327073&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1676264327073&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&e_ipv6=AQKwnFDppumYKQAAAYZJI8f7K19ZBDptXxTA1_t4H-p_YG559yTiqe5-0lu0FnnI2r7_WDJG

Request Chain 227

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pmtewjbob HTTP 302
https://xhkzxjiccn7niy7jyoea-pmtewj-b3b9a218d-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 228

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pmtewjbob HTTP 302
https://fibrwiaaa3ybckqce3ydkaaaczr6tq4i-pmtewj-029f0bcbb-clienttons-s.akamaihd.net/eum/results.txt

249 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 login Show response
login-gm.atfx.com/ 15 KB
6 KB 1108ms
1010ms Document
text/html 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

7885e9126e482314497c6e3a9ccc7eef92d56d74450dbed2767930d815b36455

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 5890
content-type: text/html
date: Mon, 13 Feb 2023 04:58:43 GMT
etag: "63e5ae92-2eb3"
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
server-timing: cdn-cache; desc=MISS edge; dur=973 origin; dur=5
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 11955 0 pmb=mRUM,1
x-envoy-upstream-service-time: 0

GET
H2 200 vendors-app.45c3aedd.css
login-gm.atfx.com/css/ 85 KB
17 KB 632ms
631ms Stylesheet
text/css 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/css/vendors-app.45c3aedd.css

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

f5c0bc154ef72cd3195f9435f64a82bcc65d8eb2d4c9fd8eeecd8d02a94f3bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:43 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-15509"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=456, origin; dur=159
accept-ranges: bytes
content-length: 17532
expires: Mon, 13 Feb 2023 04:58:43 GMT

GET
H2 200 app.003f6e36.css
login-gm.atfx.com/css/ 67 KB
11 KB 629ms
628ms Stylesheet
text/css 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/css/app.003f6e36.css

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

011204246d4138ec264b9b91d50a4bd5c9245a3e590244f6a095f34092f0f98c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:43 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-10b87"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=446, origin; dur=159
accept-ranges: bytes
content-length: 11142
expires: Mon, 13 Feb 2023 04:58:43 GMT

GET
H2 200 logo_zh-hant.png
login-gm.atfx.com/static/img/ 4 KB
4 KB 21ms
17ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-gm.atfx.com/static/img/logo_zh-hant.png

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

f2e329624a41e2cd7ef13d83dedde07666fb2c3741a6e925ca18219d3991a2ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:43 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-e02"
content-type: image/png
cache-control: private, max-age=0
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 3586
expires: Mon, 13 Feb 2023 04:58:43 GMT

GET
H2 200 indexLanuge.js Show response
login-gm.atfx.com/ 2 KB
801 B 218ms
215ms Script
application/javascript 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/indexLanuge.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

fa85956f083369c2cf8d7fdba0260d79a0a2a35830968af43bcf822ad2baa01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-958"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=MISS, edge; dur=191, origin; dur=4
accept-ranges: bytes
content-length: 515

GET
H2 200 xlsx.mini.js Show response
unpkg.com/xlsx@0.16.0/ 296 KB
84 KB 1268ms
1236ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/xlsx@0.16.0/xlsx.mini.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8eeb21a517805c2a70a4c9f542c4fae3a46ade3a1ecb7fafa1862f5b63197f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:45 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GS4J7ERZ0CVJ3N586569BN7G-fra
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
server: cloudflare
etag: W/"49ff8-XFXgaaBK2B/R+WcopKR5pOYJzzQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 798afd981a6f3643-FRA

GET
H2 200 forge.min.js Show response
unpkg.com/node-forge@0.9.1/dist/ 283 KB
74 KB 1513ms
1481ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/node-forge@0.9.1/dist/forge.min.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c97ac62300ca518092eff2cb8c98e589c3b9fb3cd76d6f4201e1e938b122feb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:45 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GS4J7ERXZ95FBWS3K9HQP95B-fra
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
server: cloudflare
etag: W/"46b9e-WGXANzrBJqXdEGcaUeoJ/fpWF6Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 798afd981a703643-FRA

GET
H2 200 recur-livechat.js Show response
master.d10i7a7v1hjb2v.amplifyapp.com/ 745 KB
191 KB 325ms
235ms Script
application/javascript 65.9.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://master.d10i7a7v1hjb2v.amplifyapp.com/recur-livechat.js
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-86-77.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bf185d2b8a00d67d9d199c7e089d13bddea38e14030a68cca4e3699039a78d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:45 GMT
content-encoding: gzip
via: 1.1 3ffec0ecfde687fb371812ad42f5cfc2.cloudfront.net (CloudFront)
last-modified: Fri, 14 Oct 2022 04:50:51 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
x-amz-server-side-encryption: AES256
etag: W/"a7a2b5e63e75754efff68575ebae0151"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: U3gcVMsdQ7rA1XCYKPwCsBgQAHhoQvjdRJ_WOO6GC6lb06zf5JZuAA==

GET
H2 200 chunk.crypto-js.1628d69e.js Show response
login-gm.atfx.com/js/ 99 KB
29 KB 687ms
685ms Script
application/javascript 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.crypto-js.1628d69e.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

55146e4beb0d1e16fe104092ed8cb7bc92aa167b2d1227cfca6316b0636ef7df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-18b4e"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=MISS, edge; dur=191, origin; dur=3
accept-ranges: bytes
content-length: 29625

GET
H2 200 chunk.core-js.2599a40e.js Show response
login-gm.atfx.com/js/ 87 KB
29 KB 1284ms
1283ms Script
application/javascript 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.core-js.2599a40e.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

1fa2f27d40e61b6b580c05e34d446093c5dd809d7803c4ef68ef05524e23ec3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:45 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-15ca1"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=MISS, edge; dur=569, origin; dur=3
accept-ranges: bytes
content-length: 29663

GET
H2 200 chunk.element-ui.910a14f6.js Show response
login-gm.atfx.com/js/ 664 KB
162 KB 902ms
898ms Script
application/javascript 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.element-ui.910a14f6.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

72618a0aeea718799117d66290446e824bce3b017c34de88c43a28cff87ee9af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-a5e79"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=MISS, edge; dur=245, origin; dur=3
accept-ranges: bytes

GET
H2 200 chunk.vue.4a1c49a7.js Show response
login-gm.atfx.com/js/ 75 KB
28 KB 1247ms
1243ms Script
application/javascript 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.vue.4a1c49a7.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

20580f9af5de5e2264d9fb10273224b492d5d22b140a1523ba3912ac1e9ab88a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:45 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-12c24"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=MISS, edge; dur=568, origin; dur=5
accept-ranges: bytes
content-length: 28044

GET
H2 200 chunk.lodash.cb30e553.js Show response
login-gm.atfx.com/js/ 68 KB
25 KB 1200ms
1196ms Script
application/javascript 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.lodash.cb30e553.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

873470d56849b263e38c96bf51b0b884c98d959387de7f9e0134a79cfbb3e7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:45 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-10f4e"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=MISS, edge; dur=787, origin; dur=2
accept-ranges: bytes
content-length: 25112

GET
H2 200 chunk.oidc-client.8f078270.js Show response
login-gm.atfx.com/js/ 273 KB
71 KB 1554ms
1550ms Script
application/javascript 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.oidc-client.8f078270.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

a5a107b924ba9dd5b041f5a96e1b996ed9cecdfbceffea0b702872cc6b0cd121

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:45 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-445a1"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=MISS, edge; dur=571, origin; dur=3
accept-ranges: bytes

GET
H2 200 vendors-app.cc11595b.js Show response
login-gm.atfx.com/js/ 878 KB
273 KB 1472ms
1468ms Script
application/javascript 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/vendors-app.cc11595b.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

a95b8dd024ef75bd712754922bea85f15851105b8a398330cdfb92039d212f58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:45 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-db683"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=MISS, edge; dur=789, origin; dur=6
accept-ranges: bytes

GET
H2 200 app.3e7d45d7.js Show response
login-gm.atfx.com/js/ 2 MB
607 KB 621ms
617ms Script
application/javascript 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/app.3e7d45d7.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

7ef2931d3bd802be9e67e6789c378b234b82f61dfabf7dd7dfa62687cde9c6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-2773cd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=0
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=445, origin; dur=159
accept-ranges: bytes
content-length: 620320
expires: Mon, 13 Feb 2023 04:58:44 GMT

GET
H2 200 index.css
login-gm.atfx.com/static/css/theme/ 0
77 KB 642ms
639ms Other
text/css 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/static/css/theme/index.css

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-100554"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=441, origin; dur=159
accept-ranges: bytes
expires: Mon, 13 Feb 2023 04:58:44 GMT

GET index.css
login-gm.atfx.com/static/css/theme/ 0
0

GET
H2 200 V2UHH-T34F7-YEC6S-FU52F-HJLLF Show response
s.go-mpulse.net/boomerang/ Frame B7B5 202 KB
51 KB 40ms
11ms Script
application/javascript 2a02:26f0:3500:592::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/V2UHH-T34F7-YEC6S-FU52F-HJLLF
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:592::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:43 GMT
content-encoding: br
last-modified: Mon, 09 Jan 2023 07:58:20 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
x-n: S
timing-allow-origin: *
content-length: 51580

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 357 KB
98 KB 209ms
91ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d6dab45188c197848c3b441ed71c5ac6e2bbf27a4f9017b6df2378a9ddee93e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100302
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1431ms
338ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?61ac16100c228c043039c8a2ba9e8829

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

2241befde505261fb3e0d7201027d0b04c2b558a90a0a67f84ff43dba1f396f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 04:58:45 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: d6de32e9a34b7c990dcace61af323939
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11265

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1466ms
350ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?f6a7ea91aaa56510db1faa27ec9e41c1

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

d49b7c1a3e5c9b18115710fcb415031aef60a04661cb1e47e2a48cef608b53c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 04:58:45 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 793b9cd67fb5951e3b03f237c607507d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11256

GET
H2 200 launch-9724699d2dd6.min.js Show response
assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/ 150 KB
47 KB 84ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/launch-9724699d2dd6.min.js
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7d7643dd6043bcdde15382b1e39d8720150395f412e8b2e7b5e44e204ffa3cec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:43 GMT
content-encoding: gzip
last-modified: Fri, 27 Jan 2023 07:13:03 GMT
server: AkamaiNetStorage
etag: "ceb733af1bbb16d16c3bcc3486d13f6b:1674803583.010398"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login-gm.atfx.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 48145
expires: Mon, 13 Feb 2023 05:58:43 GMT

GET
H2 200 Muli-Regular.c9c98d2b.woff
login-gm.atfx.com/fonts/ 50 KB
50 KB 658ms
658ms Font
application/font-woff 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/fonts/Muli-Regular.c9c98d2b.woff

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/css/app.003f6e36.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

73d390d4a7b9b8b5d1fd8efee66f3cd6487282b44322af02e933ad1bdb5eadaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://login-gm.atfx.com/css/app.003f6e36.css
Origin: https://login-gm.atfx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-c7f8"
content-type: application/font-woff
cache-control: private, max-age=0
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=473, origin; dur=160
accept-ranges: bytes
content-length: 51192
expires: Mon, 13 Feb 2023 04:58:44 GMT

GET
H2 200 new_logo.webp
login-gm.atfx.com/static/img/ 4 KB
4 KB 580ms
580ms Image
image/webp 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-gm.atfx.com/static/img/new_logo.webp

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

ab8d6fa3589d2aaf852aaff25ef9ba685ee97708b5e9b38968bb29b936da48b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-f94"
content-type: image/webp
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=MISS, edge; dur=561, origin; dur=2
accept-ranges: bytes
content-length: 3988

GET
H2 200 loading.webm
login-gm.atfx.com/static/img/ 2 KB
3 KB 587ms
587ms Image
video/webm 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-gm.atfx.com/static/img/loading.webm

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

b4b36f862fae672a6d926130bebeb95c5cedc5eab58e9ebb7d940a6e5014d9d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-9e8"
content-type: video/webm
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=MISS, edge; dur=567, origin; dur=3
accept-ranges: bytes
content-length: 2536

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame B7B5 1008 B
883 B 125ms
46ms XHR
application/json 2a02:26f0:dc:394::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=V2UHH-T34F7-YEC6S-FU52F-HJLLF&d=login-gm.atfx.com&t=5587548&v=1.632.0&if=&sl=0&si=gz32jffoqmo-rq05tw&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=619580
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/V2UHH-T34F7-YEC6S-FU52F-HJLLF
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:dc:394::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 00506355293ef477b899ed0e5fb6cc123e944de4e696d66a4a1e9eeeac550778

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 04:58:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 563

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 147ms
32ms XHR
application/json 52.213.167.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F64735DD5CF122370A495FCD%40AdobeOrg&d_nsid=0&ts=1676264323937

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/launch-9724699d2dd6.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.167.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-167-16.eu-west-1.compute.amazonaws.com

Software

Resource Hash

961838f9cc404b52bd0c79f020de8bb5546e238acf8ce24ff7ad3dba54afdf39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v046-017db7cbf.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 4bLZXpPcSbw=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://login-gm.atfx.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 896
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/launch-9724699d2dd6.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:43 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12384
expires: Mon, 13 Feb 2023 05:58:43 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 3 KB
2 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/launch-9724699d2dd6.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:43 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1598
expires: Mon, 13 Feb 2023 05:58:43 GMT

GET
H/1.1 200
OK dest5.html Show response
atsolution.demdex.net/ Frame A694 7 KB
3 KB 252ms
29ms Document
text/html 34.240.171.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://atsolution.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/launch-9724699d2dd6.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.240.171.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-240-171-169.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login-gm.atfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v046-0d62fe975.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: RrmrerJxQLI=
content-encoding: gzip
date: Mon, 13 Feb 2023 04:58:44 GMT
last-modified: Wed, 8 Feb 2023 11:26:59 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y_nDhAAAAEnEVQOV
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=36901671544828242333437429018048927478
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_nDhAAAAEnEVQOV

42 B
942 B

32ms
32ms

Image
image/gif

52.213.167.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_nDhAAAAEnEVQOV

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

HTTP/1.1

Server

52.213.167.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-167-16.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-0387bcfab.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 6z6wgGXXQJE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_nDhAAAAEnEVQOV
Date: Mon, 13 Feb 2023 04:58:44 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 164ms
47ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 13 Feb 2023 03:12:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6398
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 13 Feb 2023 05:12:06 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/819544204/ 2 KB
1 KB 160ms
81ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819544204/?random=1676264324165&cv=11&fst=1676264324165&bg=ffffff&guid=ON&async=1&gtm=45He3280&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tiba=ATFX%20Client%20Portal&auid=2091697523.1676264324&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f971e22dd2984c774ea879f43b7b176c664e8a8fdc0136ae2a82a9114586468

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 870
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CMW37Jzbkf0CFZEkBgAd7pgB0A;src=10352767;type=homevist;cat=atfxc0;ord=6305954297654;gtm=45He3280;auiddc=2091697523.1676264324;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den Show response
10352767.fls.doubleclick.net/ Frame 1AB8
Redirect Chain

https://10352767.fls.doubleclick.net/activityi;src=10352767;type=homevist;cat=atfxc0;ord=6305954297654;gtm=45He3280;auiddc=2091697523.1676264324;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang...
https://10352767.fls.doubleclick.net/activityi;dc_pre=CMW37Jzbkf0CFZEkBgAd7pgB0A;src=10352767;type=homevist;cat=atfxc0;ord=6305954297654;gtm=45He3280;auiddc=2091697523.1676264324;~oref=https%3A%2F%...

415 B
574 B

108ms
106ms

Document
text/html

142.251.39.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10352767.fls.doubleclick.net/activityi;dc_pre=CMW37Jzbkf0CFZEkBgAd7pgB0A;src=10352767;type=homevist;cat=atfxc0;ord=6305954297654;gtm=45He3280;auiddc=2091697523.1676264324;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f6.1e100.net

Software

cafe /

Resource Hash

bd58c023a72f342f6037bf474a033cbb969fa7205abee7677150d6ec2173b69e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login-gm.atfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 236
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 04:58:44 GMT
expires: Mon, 13 Feb 2023 04:58:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 04:58:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10352767.fls.doubleclick.net/activityi;dc_pre=CMW37Jzbkf0CFZEkBgAd7pgB0A;src=10352767;type=homevist;cat=atfxc0;ord=6305954297654;gtm=45He3280;auiddc=2091697523.1676264324;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 67ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 13 Feb 2023 04:58:43 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9CDAA40B4A0A494C88EFEE100B4C6076 Ref B: FRAEDGE1421 Ref C: 2023-02-13T04:58:44Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 88ms
19ms Script
application/x-javascript 2a02:26f0:11a::6867:4832
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::6867:4832 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=67294
accept-ranges: bytes
content-length: 4777

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 50ms
6ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-hhn-etou8220085-HHN

GET
H2 200 6693213.js Show response
js.hs-scripts.com/ 2 KB
923 B 393ms
375ms Script
application/javascript 2606:4700::6811:d3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/6693213.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42c4d428434e2e53d5555510c8fc33f148d5d03e2e24271ca372bcfbc0ea4237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 13 Feb 2023 04:54:47 GMT
server: cloudflare
x-hubspot-correlation-id: 00344bda-301d-41a1-a586-885b87041380
x-trace: 2B10319B921B4A13BA255E31CB48244DDC6D7C491E000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://login-gm.atfx.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 798afd9aa8219bf5-FRA
expires: Mon, 13 Feb 2023 04:59:44 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 38ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 13 Feb 2023 04:58:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: y9NgjJIK5zreXPBnvNp1tLo8lAE6RuDvd8hBGkUJai9XGa8MAVU5Q0rSeIwvfF/Fue7jR6sgjOKgG811RmD+hQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 p.js Show response
my.rtmark.net/ 697 B
1 KB 46ms
12ms Script
text/javascript 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/p.js?f=sync&lr=1&partner=74e2657408ebf1142593e1f582b1d7f20f72d502de7f3cc5704748e1aa962fba

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

10ab237d847c442817c877542e4db7ee1be867bba46b692ef9832204fcad62ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 697

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/UVYGNOCARNBIDOW25C5BBP/ 71 KB
21 KB 90ms
11ms Script
text/javascript 2600:9000:20eb:9200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/UVYGNOCARNBIDOW25C5BBP/roundtrip.js
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50f0ed11d40805b9e2980d4831f74838b68ead238243324ba9d64e8e45f586b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

X-Amz-Version-Id: 4SX1kwv86q10f3PY6W4ggUajoFDULccH
Content-Encoding: gzip
Via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Date: Mon, 13 Feb 2023 04:58:44 GMT
Age: 1963
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Sun, 12 Feb 2023 17:06:00 GMT
Server: AmazonS3
Etag: W/"bc6e136b4bc527b382d05f12556cd66f"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: M-i7nz2NoirCyg4r7ahgvVvIyyNVN55PCtpFxsEN7OT6l7XwhQcOPQ==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 255ms
129ms Script
application/javascript 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8UO16TOAEBOBK55C9FG&lib=ttq
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 33bb10b2a2803b023a57ac6d15e45a80964132dbaf34c57438cedc470aa9801c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-akamai-request-id: 3238a807
date: Mon, 13 Feb 2023 04:58:44 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=108
content-length: 1401
pragma: no-cache
server: nginx
x-tt-logid: 202302130458447A44E8967AE842CD492D
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 108,23.202.121.139
x-tt-trace-host: 018debac48b254c96e084d365932782b4d0c4434c14ac48e100450ec5665d4b65eb087f3c64ce07ec4533e1df055b92681f7bf199dc8d1b95885cb594e14472273d732162501a71c8da40deac16f7b35106aee867d87dd77a6106ca53a69bfd706
expires: Mon, 13 Feb 2023 04:58:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
77 KB 76ms
76ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6Y793BN4BT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab981ad98686bc1d82baaa46c29012dbdb9dba596afa6f9a43838953aec00efb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78177
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 13 Feb 2023 04:58:44 GMT

GET
H2 200 adsct
t.co/i/ 43 B
377 B 150ms
123ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=1ddb93ce-c2d8-42bb-978b-f6dc23352221&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=690ada2c-74c0-4efc-aedc-bdb9fa06f7a5&tw_document_href=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7h61&type=javascript&version=2.3.29

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-response-time: 116
date: Mon, 13 Feb 2023 04:58:44 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 4c1d5a3e0a9c232a
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 5dffd54cf74f6a22b2b14fdeedb75d0decaf9cb65c47a6a2f09731c3f8091635
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 175ms
122ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=1ddb93ce-c2d8-42bb-978b-f6dc23352221&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=690ada2c-74c0-4efc-aedc-bdb9fa06f7a5&tw_document_href=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7h61&type=javascript&version=2.3.29

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-response-time: 116
date: Mon, 13 Feb 2023 04:58:43 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: aed0eb199456917d
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: eab2e007c1bf436bf2c3be5f45a289806e66df56a258cf9247c200673beed147
content-length: 43

GET
H2 204 56384898.js Show response
bat.bing.com/p/action/ 0
117 B 101ms
101ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56384898.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 13 Feb 2023 04:58:43 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0C96A6D6D30C457AB2F3F579BA9C1DF6 Ref B: FRAEDGE1421 Ref C: 2023-02-13T04:58:44Z
x-cache: CONFIG_NOCACHE

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3690196/domain/login-gm.atfx.com/ 36 B
376 B 55ms
10ms XHR
application/json 2600:9000:20eb:ac00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3690196/domain/login-gm.atfx.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ac00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 01:24:47 GMT
content-encoding: gzip
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 12837
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=19582
x-amz-cf-id: 07VQjuWMlKrOSPgd-wuAC8j5cajCVhHXrO9ecyAfhcth6zUjYP2RzA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1676264324284&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3690196%26time%3D1676264324284%26url%3Dhttps%253A%252F%252Flogin-gm.atfx.com%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1676264324284&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1676264324284&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&liSync=true&e_ipv6=AQKI9FqNA5x1hwAAAYZJI78IfLvZmHnCs0VyQuUXvWn...

0
266 B

202ms
177ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1676264324284&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&liSync=true&e_ipv6=AQKI9FqNA5x1hwAAAYZJI78IfLvZmHnCs0VyQuUXvWnE1yDT8cmptau8gXpvbwZN5LGmCMV_
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 629D7E8B8BB3493FB9BCE3F5F336CC71 Ref B: FRAEDGE1715 Ref C: 2023-02-13T04:58:44Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX0jbOlMmkh4bHqSOuA5g==

Redirect headers

date: Mon, 13 Feb 2023 04:58:44 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D66F889204D34604B7DC2CAB3E46B1F5 Ref B: FRAEDGE1708 Ref C: 2023-02-13T04:58:44Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1676264324284&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&liSync=true&e_ipv6=AQKI9FqNA5x1hwAAAYZJI78IfLvZmHnCs0VyQuUXvWnE1yDT8cmptau8gXpvbwZN5LGmCMV_
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX0jbOiJDDT6Gan+NV8tA==

GET
H2 200 661389801117388 Show response
connect.facebook.net/signals/config/ 378 KB
109 KB 525ms
525ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/661389801117388?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

faed0a48e33f3dd5974fa6cf42f6a89e090e16af4e38d7b4e633038b5a79abf4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 13 Feb 2023 04:58:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: nDMyTbBuL5fxooZUvL3xKO2LNdqIPN1Wnf49ond0n8Ex0xuaxTDc8vdLwT7uAmZybzbya1jpC6UGgLeJsuD8wA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 230 KB
79 KB 77ms
77ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-RB6RNN86NX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Y793BN4BT&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d85acbee4e5e00d6a721a753cb3491f13f47b35c93cc4abfbf66b09a755345a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80475
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 13 Feb 2023 04:58:44 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 63ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6Y793BN4BT&gtm=45je3280&_p=1215886925&_gaz=1&cid=804768484.1676264324&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676264324&sct=1&seg=0&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&dt=ATFX%20Client%20Portal&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Y793BN4BT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 18ms
18ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6Y793BN4BT&cid=804768484.1676264324&gtm=45je3280&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Y793BN4BT&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 125ms
45ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6Y793BN4BT&cid=804768484.1676264324&gtm=45je3280&aip=1&z=927663265

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/819544204/ 42 B
154 B 139ms
55ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/819544204/?random=1676264324165&cv=11&fst=1676260800000&bg=ffffff&guid=ON&async=1&gtm=45He3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tiba=ATFX%20Client%20Portal&fmt=3&is_vtc=1&random=3648623436&rmt_tld=0&ipr=y

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/819544204/ 42 B
154 B 47ms
47ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/819544204/?random=1676264324165&cv=11&fst=1676260800000&bg=ffffff&guid=ON&async=1&gtm=45He3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tiba=ATFX%20Client%20Portal&fmt=3&is_vtc=1&random=3648623436&rmt_tld=1&ipr=y

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-152401985-1&cid=804768484.1676264324&jid=142021526&gjid=1254284141&_gid=2083993560.1676264324&_u=YCDAiAABBAAAAEAAI~&z=1643241030

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 13 Feb 2023 04:58:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 49ms
48ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1215886925&t=pageview&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiAABBAAAAAAAI~&jid=142021526&gjid=1254284141&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&z=1461021167

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 18:46:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36725
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A694
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WV9uRGhBQUFBRW5FVlFPVg==

170 B
409 B

221ms
71ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WV9uRGhBQUFBRW5FVlFPVg==

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atsolution.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220042-HHN
pragma: no-cache
date: Mon, 13 Feb 2023 04:58:44 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1676264324.435035,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WV9uRGhBQUFBRW5FVlFPVg==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/UVYGNOCARNBIDOW25C5BBP/index.js
https://s.adroll.com/j/exp/index.js

28 B
784 B

8ms
8ms

Script
application/javascript

2600:9000:20eb:9200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en
Protocol: HTTP/1.1
Server: 2600:9000:20eb:9200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

X-Amz-Version-Id: CiD7z5Qr2ECIL.Zbw84rFXTGVfvZ9kAA
Date: Sun, 12 Feb 2023 19:41:01 GMT
Via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Age: 33528
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Thu, 01 Dec 2022 00:29:34 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ek0TJBwGOT1fiQaGO_ZO2H9jd__NjdPG-AlNZ9ui4hw7S4wbjANgBA==

Redirect headers

Date: Sun, 12 Feb 2023 11:02:28 GMT
Via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Age: 64575
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ccZ9H6Vw_ns6vtSNgEJSX_LR4ZjBk10rluFlgDrUw_jf7hGnn41_6g==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 107ms
49ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-152401985-1&cid=804768484.1676264324&jid=142021526&_u=YCDAiAABBAAAAEAAI~&z=1211369157

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 46ms
46ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-152401985-1&cid=804768484.1676264324&jid=142021526&_u=YCDAiAABBAAAAEAAI~&z=1211369157

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame A694
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y_nDhAAAAEnEVQOV&expires=90

0
239 B

123ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y_nDhAAAAEnEVQOV&expires=90
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atsolution.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-hhn-etou8220042-HHN
pragma: no-cache
date: Mon, 13 Feb 2023 04:58:44 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1676264324.469230,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y_nDhAAAAEnEVQOV&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 index.css
login-gm.atfx.com/static/css/theme/ 0
77 KB 334ms
333ms Other
text/css 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/static/css/theme/index.css

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-100554"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=148, origin; dur=159
accept-ranges: bytes
expires: Mon, 13 Feb 2023 04:58:44 GMT

GET
H2 200 index.css
login-gm.atfx.com/static/css/theme/ 1 MB
77 KB 341ms
340ms Stylesheet
text/css 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/static/css/theme/index.css

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

b05da04ed5778632c6f9a861a1bc26b0d536d5e63aece0b547abeed977a24c5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-100554"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=152, origin; dur=161
accept-ranges: bytes
expires: Mon, 13 Feb 2023 04:58:44 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 25ms
24ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RB6RNN86NX&gtm=45je3280&_p=1215886925&_gaz=1&cid=804768484.1676264324&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676264324&sct=1&seg=0&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&dt=ATFX%20Client%20Portal&en=Page%20view%3A%20https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-RB6RNN86NX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 21ms
20ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RB6RNN86NX&cid=804768484.1676264324&gtm=45je3280&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-RB6RNN86NX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 46ms
46ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RB6RNN86NX&cid=804768484.1676264324&gtm=45je3280&aip=1&z=1017798626

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UVYGNOCARNBIDOW25C5BBP Show response
d.adroll.com/consent/check/ 463 B
556 B 124ms
28ms Script
application/javascript 2a05:d018:cc3:fe04:6457:e8bb:899e:1869
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/UVYGNOCARNBIDOW25C5BBP?pv=47578253330.62633&arrfrr=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&_s=14dedb4311d67f71cbc23925105d7228&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/UVYGNOCARNBIDOW25C5BBP/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:6457:e8bb:899e:1869 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 014bdc7b05fd8dd839b68b41d4e15d9aa77af1c993bdc225aa7532534f30b010

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
server: nginx/1.22.1
content-length: 463
content-type: application/javascript

GET
H2 200 dc_pre=CMW37Jzbkf0CFZEkBgAd7pgB0A;src=10352767;type=homevist;cat=atfxc0;ord=6305954297654;gtm=45He3280;auiddc=*;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den
adservice.google.com/ddm/fls/z/ Frame 1AB8 42 B
401 B 160ms
74ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMW37Jzbkf0CFZEkBgAd7pgB0A;src=10352767;type=homevist;cat=atfxc0;ord=6305954297654;gtm=45He3280;auiddc=*;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den

Requested by

Host: 10352767.fls.doubleclick.net
URL: https://10352767.fls.doubleclick.net/activityi;dc_pre=CMW37Jzbkf0CFZEkBgAd7pgB0A;src=10352767;type=homevist;cat=atfxc0;ord=6305954297654;gtm=45He3280;auiddc=2091697523.1676264324;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10352767.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A694
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_nDhAAAAEnEVQOV
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_nDhAAAAEnEVQOV&C=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_nDhAAAAEnEVQOV&C=1
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atsolution.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 04:58:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 04:58:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=88&external_user_id=Y_nDhAAAAEnEVQOV&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 200 main.MWNiNWY1N2YyNA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 263 KB
70 KB 22ms
21ms Script
application/javascript 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8UO16TOAEBOBK55C9FG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fabc5a49269ec5c2dc576471f74f5b0f5c935017e8080f88a9e70524181c6c3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-akamai-request-id: 3238a884
date: Mon, 13 Feb 2023 04:58:44 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023020721085334801A0C4FB0C69178B4
vary: Accept-Encoding
x-cache: TCP_HIT from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01b74ddcab41230b6b9661be7434ed2bb8f5ac280f8a7a5ae70e7c97bc2bf9dcecb9f58237225b5dcdbcc5f4b463c609952936348f2c044947107ec2243448c38657c739eae4fbafa68852aec201bfe078905a5c98f362c79a36ea13f19e2fee32
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=12
content-length: 71073

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 53ms
21ms Script
application/javascript 2606:4700::6811:71b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6693213.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7455fff3d4e08245186e113636f69cbc44679bdf8870de5e4fd9a835e3d2e93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
x-amz-version-id: voeLZ8jD1qAOp4h9t0pVQ2YHSdN3ebgQ
via: 1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 36
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.317/bundles/pixels-release.js&cfRay=798afcb8aa0b35f3-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 31 Jan 2023 04:09:31 UTC
server: cloudflare
etag: W/"bde7af4ffd2c05ea8423271f767ebc69"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: MISS
cache-control: max-age=600
cf-ray: 798afd9d3bd235ed-FRA
x-amz-cf-id: odpv5mUOm0qNv-JVDmXTn2gzNKtzfV9HJn5zm5DQrPj1jeqZVVdL3A==
x-hs-target-asset: adsscriptloaderstatic/static-1.317/bundles/pixels-release.js

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 544 KB
87 KB 176ms
135ms Script
application/javascript 2606:4700::6811:e8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6693213.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e8cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd43cd92e272c2e3872abd9559900116d85f2899e76c00015c59360060bcf062

Request headers

Referer: https://login-gm.atfx.com/
Origin: https://login-gm.atfx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
x-amz-version-id: 9g41IgVIr3w9wyiFOHn4rgapkQc72OJD
via: 1.1 c13d71f8919c23db6bbd1c08a4dfb350.cloudfront.net (CloudFront)
cf-cache-status: MISS
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1134/bundle/main/lead-flows-release.js&cfRay=798afd9d4f539bf2-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Thu, 02 Feb 2023 01:26:06 UTC
server: cloudflare
etag: W/"998dfd36d3c4078a3a05a1a77e61963c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 798afd9d4f539bf2-FRA
x-amz-cf-id: wjhl2UGR0lkvT5qxMdYdVJUhFevL2GFR2W9l8waK0gT-2ohLvznRyw==
x-hs-target-asset: lead-flows-js/static-1.1134/bundle/main/lead-flows-release.js

GET
H2 200 6693213.js Show response
js.hs-banner.com/ 93 KB
20 KB 62ms
30ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/6693213.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6693213.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00bb32d0a96534e8cedfc21e92028ce13af2548d0737f84ef554c63b9ecee2a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
x-amz-version-id: G5MCFojZCw7IVpBAtyw5w7g4mKO0GFHl
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 3D60RCJWV32SZNJM
age: 272
x-amz-server-side-encryption: AES256
x-amz-id-2: YTEPAZrx8qUpumdyS0K5WaXhOc98cUnCsJOtFPMPp3ZwANR9sX9jSGpPp9NGht2txMInQuG7yeM=
last-modified: Wed, 14 Dec 2022 05:46:51 GMT
server: cloudflare
etag: W/"acb0560b1cdf198f8bbcd8d42744153a"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://lp.atcapital.group
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 798afd9d3f7290e2-FRA
expires: Mon, 13 Feb 2023 04:59:12 GMT

GET
H2 200 6693213.js Show response
js.hs-analytics.net/analytics/1676264100000/ 65 KB
20 KB 190ms
173ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1676264100000/6693213.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6693213.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 185daa7db5564bb45449147b73a658b4ec0d9445abffa9426d308cf5aad24300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:44 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: AM6K9ADBCTMBEQ7S
x-amz-server-side-encryption: AES256
x-amz-id-2: ZuvNii0jgd1TW5g9XwkXjRuEPsa3+dQw33wEVj3u02VkreR+5KKcZu9jHfSmOKv4SrjAMM1V3gU=
last-modified: Wed, 18 Jan 2023 20:15:24 GMT
server: cloudflare
etag: W/"67cecf529c861bd9b27a71c6e4eae359"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 798afd9d1ee33827-FRA
expires: Mon, 13 Feb 2023 05:03:44 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame A694
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=Y_nDhAAAAEnEVQOV
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DY_nDhAAAAEnEVQOV

43 B
1 KB

7ms
7ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DY_nDhAAAAEnEVQOV

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

HTTP/1.1

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atsolution.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 04:58:44 GMT
AN-X-Request-Uuid: 811f9ae3-78b6-41ca-af4f-0769731d1def
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 04:58:44 GMT
AN-X-Request-Uuid: 13e11ccc-032e-4369-bddc-bf7d8a1fd318
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DY_nDhAAAAEnEVQOV
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 identify_5f1fb.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 76ms
75ms Script
application/javascript 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_5f1fb.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-akamai-request-id: 3238a906
date: Mon, 13 Feb 2023 04:58:44 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202302072108334F776667E8C87D15DD00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01be4a2790561c544e7ddbdb8e097a0bec166579a341868a960b6b49542969a3087e53e43bd7f40d2026fcca1261e4ed136a34e0e1a4dfdcacb5942f49478fb746fa4faf7c73e0c8824e0ea427b6120dded43c0dea8ef6cc9559212b335c8fe009
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=9
content-length: 30688

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
552 B 169ms
168ms Ping
text/plain 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:44 GMT
x-akamai-request-id: 3238a917
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230213045844DC68D934789997A11C5C
x-cache: TCP_MISS from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 126,23.202.121.139
x-tt-trace-host: 018debac48b254c96e084d365932782b4d0c4434c14ac48e100450ec5665d4b65efb6996ab2f7cc87411b28bdf213dab0258d8b9c5486b86875c474e6c74b829273007b3db60e8e7f0e731cf1b24352d401d49b5e80ca27514d2c8143470258714
server-timing: inner; dur=9, cdn-cache; desc=MISS, edge; dur=5, origin; dur=126
content-length: 0
expires: Mon, 13 Feb 2023 04:58:44 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
551 B 198ms
197ms Ping
text/plain 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:44 GMT
x-akamai-request-id: 3238a918
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202302130458447A44E8967AE842CD4942
x-cache: TCP_MISS from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 119,23.202.121.139
x-tt-trace-host: 018debac48b254c96e084d365932782b4d0c4434c14ac48e100450ec5665d4b65eb087f3c64ce07ec4533e1df055b9268161ec7ab6fe530a2cb943061bcfe72495fa74561d214c888730e541558fc8aea2224d1e4a2dcd0c1f0ecf776300edd49c
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=6, origin; dur=119
content-length: 0
expires: Mon, 13 Feb 2023 04:58:44 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
695 B 198ms
198ms Ping
text/plain 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5fe6dc4b.3238a919
date: Mon, 13 Feb 2023 04:58:44 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 112,23.202.121.139
server-timing: cdn-cache; desc=MISS, edge; dur=111, origin; dur=8, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230213045844316561765E7C011BB721
x-cache-remote: TCP_MISS from a23-220-105-135.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.105.135
x-tt-trace-host: 018debac48b254c96e084d365932782b4d0c4434c14ac48e100450ec5665d4b65e429cc8575ceb10fdb4d4795726b09417fd438461e5ed8d0e03424a491eefda7bca522079eac4cb0d1d5b5b060e5df7c6d960442cfe1d9897bb8d15676fa4be6487eff31ab4a658ecbd17711db9da552e
expires: Mon, 13 Feb 2023 04:58:44 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
697 B 207ms
207ms Ping
text/plain 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 26c5efa4.3238a91a
date: Mon, 13 Feb 2023 04:58:44 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 150,23.202.121.139
server-timing: cdn-cache; desc=MISS, edge; dur=108, origin; dur=49, inner; dur=47
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230213045844EEA51615BC0CBFFD1641
x-cache-remote: TCP_MISS from a184-25-157-162.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 49,184.25.157.162
x-tt-trace-host: 018debac48b254c96e084d365932782b4d0c4434c14ac48e100450ec5665d4b65ed5da337c6268da42dee8d0bdb99fa02854521814da0a675f62a042401c702f79ab553119198150bceb18127a7bde1e5f9b0fe1d36c939711dea61fcfe765b450516963e1b6eeb8b1935fd1585dc5a87e
expires: Mon, 13 Feb 2023 04:58:44 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
693 B 202ms
202ms Ping
text/plain 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2b203a81.3238a91b
date: Mon, 13 Feb 2023 04:58:44 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 135,23.202.121.139
server-timing: cdn-cache; desc=MISS, edge; dur=117, origin; dur=24, inner; dur=7
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023021304584452DDE620A040BFB66FF4
x-cache-remote: TCP_MISS from a184-25-157-168.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 24,184.25.157.168
x-tt-trace-host: 018debac48b254c96e084d365932782b4d0c4434c14ac48e100450ec5665d4b65e6126fa9b5144fc5098e42bf2243256fd2a012a5863397ab5940da65ce1000388e0052a98d6cc8d463151ee4def198b6fdace48710e25a0dc3ece27a394b763a3aea128fa76c9979ac59718f3e7e7b1f2
expires: Mon, 13 Feb 2023 04:58:44 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
694 B 203ms
202ms Ping
text/plain 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 30a7204c.3238a91c
date: Mon, 13 Feb 2023 04:58:44 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 105,23.202.121.139
server-timing: cdn-cache; desc=MISS, edge; dur=171, origin; dur=8, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202302130458448FBC98C4B6F774C997BC
x-cache-remote: TCP_MISS from a184-25-157-175.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,184.25.157.175
x-tt-trace-host: 018debac48b254c96e084d365932782b4d0c4434c14ac48e100450ec5665d4b65eacc1eaead60b4edd128645e8c1fd77357130c2e07e2cc578b6540f9df94fe6d815a3d91de454219a5f93cf711a445d691826e7baa823959539fd271e95b25c5d31ac6b3b28286440b17d061d01e70fd1
expires: Mon, 13 Feb 2023 04:58:44 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
552 B 220ms
220ms Ping
text/plain 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:44 GMT
x-akamai-request-id: 3238a942
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202302130458449294782A26CA362E0CAD
x-cache: TCP_MISS from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 140,23.202.121.139
x-tt-trace-host: 018debac48b254c96e084d365932782b4d0c4434c14ac48e100450ec5665d4b65e4995b3ff716e02f69410a5a61ea0a0a0a83f50d3628b63cdaa38f285f0321c481b9edae1634c02afd3a435e594dd8b02c68c8affff16711fa33cfc0d411fb9ae
server-timing: inner; dur=38, cdn-cache; desc=MISS, edge; dur=4, origin; dur=140
content-length: 0
expires: Mon, 13 Feb 2023 04:58:44 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
696 B 206ms
206ms Ping
text/plain 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2b203a31.3238a943
date: Mon, 13 Feb 2023 04:58:44 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 121,23.202.121.139
server-timing: cdn-cache; desc=MISS, edge; dur=103, origin; dur=23, inner; dur=20
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202302130458440830B5E4ABE6E3312C68
x-cache-remote: TCP_MISS from a184-25-157-168.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 24,184.25.157.168
x-tt-trace-host: 018debac48b254c96e084d365932782b4d0c4434c14ac48e100450ec5665d4b65e6126fa9b5144fc5098e42bf2243256fdd268cb03206f2d735285c84aba3ea9e84222323ad2e536e213ffe1bd0fe407eb77a53dab8601913eb8bd9c94736997914263404bf4bff5185b52df80c3cc2851
expires: Mon, 13 Feb 2023 04:58:44 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A694
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y_nDhAAAAEnEVQOV

43 B
273 B

83ms
20ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y_nDhAAAAEnEVQOV
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atsolution.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:44 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220042-HHN
pragma: no-cache
date: Mon, 13 Feb 2023 04:58:44 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1676264325.808094,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y_nDhAAAAEnEVQOV
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
696 B 145ms
145ms Ping
text/plain 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 29d2758c.3238a968
date: Mon, 13 Feb 2023 04:58:45 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 108,23.202.121.139
server-timing: cdn-cache; desc=MISS, edge; dur=107, origin; dur=10, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202302130458441FF4A0C871B422325728
x-cache-remote: TCP_MISS from a184-25-157-178.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,184.25.157.178
x-tt-trace-host: 018debac48b254c96e084d365932782b4d0c4434c14ac48e100450ec5665d4b65ee6a56636b08362ff964a93d4d9343c64cba8953280a70d2f6cd115d18ba20445a6ba3479bd92d44d1e0987a3988c741d2ea44b73eef405f6f8b8366ba0991bd3132acdf73590ee2bafe0803f8e7625b6
expires: Mon, 13 Feb 2023 04:58:45 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 39ms
9ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=661389801117388&ev=PageView&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&rl=&if=false&ts=1676264324883&sw=1600&sh=1200&v=2.9.95&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1676264324882.1096907519&it=1676264324309&coo=false&rqm=GET

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 13 Feb 2023 04:58:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A694
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y_nDhAAAAEnEVQOV

1 B
453 B

49ms
15ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y_nDhAAAAEnEVQOV
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atsolution.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 13 Feb 2023 04:58:44 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-hhn-etou8220042-HHN
pragma: no-cache
date: Mon, 13 Feb 2023 04:58:44 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1676264325.908689,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y_nDhAAAAEnEVQOV
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame A694
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y_nDhAAAAEnEVQOV&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y_nDhAAAAEnEVQOV&img=1&__user_check__=1&sync_id=17f83e58-ab5b-11ed-9028-1bce7de30506

43 B
548 B

16ms
16ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y_nDhAAAAEnEVQOV&img=1&__user_check__=1&sync_id=17f83e58-ab5b-11ed-9028-1bce7de30506
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atsolution.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 04:58:45 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 20
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 13 Feb 2023 04:58:45 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=6409&uid=Y_nDhAAAAEnEVQOV&img=1&__user_check__=1&sync_id=17f83e58-ab5b-11ed-9028-1bce7de30506
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 95
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame A694
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y_nDhAAAAEnEVQOV&t=2592000&o=0

43 B
682 B

38ms
38ms

Image
image/gif

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y_nDhAAAAEnEVQOV&t=2592000&o=0

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atsolution.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 20:58:45 PST
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: +91t16ACyiWfeJiEeDxaG7w9pTcvY/64SwjUynVL2S5knBaE4Y9G9ygOFolg2yp57RJZbUMsUQuioN/iJfNDFA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
origin-agent-cluster: ?0
cache-control: public, max-age=0
expires: Sun, 12 Feb 2023 20:58:45 PST

Redirect headers

x-served-by: cache-hhn-etou8220042-HHN
pragma: no-cache
date: Mon, 13 Feb 2023 04:58:45 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1676264325.119373,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y_nDhAAAAEnEVQOV&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 img.gif
my.rtmark.net/ 43 B
490 B 14ms
14ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&partner=74e2657408ebf1142593e1f582b1d7f20f72d502de7f3cc5704748e1aa962fba&ttl=&rurl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 18ms
18ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-152401985-5&cid=804768484.1676264324&jid=851488293&gjid=190366194&_gid=2083993560.1676264324&_u=aCDAiAABBAAAAEAAI~&z=1534981829

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 13 Feb 2023 04:58:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
47ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1215886925&t=event&ni=0&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=1second&ea=1second&el=1second&ev=1&_u=aCDAiAABBAAAAEAAI~&jid=851488293&gjid=190366194&cid=804768484.1676264324&tid=UA-152401985-5&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&z=900859922

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5127
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 346ms
346ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=497487608&si=f6a7ea91aaa56510db1faa27ec9e41c1&v=1.3.0&lv=1&sn=10095&r=0&ww=1600&u=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tt=ATFX%20Client%20Portal

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 04:58:45 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 349ms
348ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=445603169&si=61ac16100c228c043039c8a2ba9e8829&v=1.3.0&lv=1&sn=10096&r=0&ww=1600&u=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tt=ATFX%20Client%20Portal

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 04:58:45 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 json
ipapi.co/ 754 B
895 B 241ms
196ms XHR
application/json 2606:4700:20::681a:82c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/json?key=8d4f82d1e42403a6a0b8d1e047df9ab827ea71bc

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/js/vendors-app.cc11595b.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:82c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:46 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Host, Origin
allow: POST, OPTIONS, GET, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: https://login-gm.atfx.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8RHaJb0yUYQsjCpr%2Bt41V1px5TPUMXFMIwLT%2FRsskb5iWHJgSro3lEQfJ7vgTNF%2B51X8J0EwzTUvt6LIsCc7uz0rbPOLp%2BgizEkLWb7UALmzgLM%2FNTtyhKRgUe0lmNF8ICuzCTHW"}],"group":"cf-nel","max_age":604800}
x-frame-options: DENY
cf-ray: 798afda58d0a9262-FRA

GET
H2 200 json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 169 B
896 B 161ms
131ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=6693213

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 149e486d-6eee-4fb7-b54b-f15bdc2a8cbf
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B3BE3DE6F10770CD15D8A747DB81541A6AEB3DC41000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://login-gm.atfx.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eVcjhfGBd6TdikSXEM79t%2FaOZfRDEDdWSz7K7piuIforFZVr88me%2FZFMzKKn2%2FUci52r0SFkLPgb8gE%2Bdojjf0g47eZgoP2GujYy25qR6d%2Bv6NPzhEZPSWe2a8gq5MJNS7YBgPfsOBej0L95"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cf-ray: 798afda589b36949-FRA
access-control-allow-headers: *

GET
H2 204 0
bat.bing.com/action/ 0
286 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56384898&tm=gtm002&Ver=2&mid=1d67081c-e9ea-4fa4-8aa1-cb379193f857&sid=187f9240ab5b11edb955fd4511aeb241&vid=187fbea0ab5b11ed84f40b8cdbef4dae&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=ATFX%20Client%20Portal&p=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&r=&lt=3931&evt=pageLoad&sv=1&rn=440388

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 Feb 2023 04:58:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1D7659E2E9EF4BBE9CDAB965BCCBA64E Ref B: FRAEDGE1421 Ref C: 2023-02-13T04:58:45Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
901 B 144ms
124ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2789099452&v=1.1&a=6693213&pu=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&t=ATFX+Client+Portal&cts=1676264326117&vi=4feac193c1dedc13f1601ea20f7473c1&nc=true&u=195689843.4feac193c1dedc13f1601ea20f7473c1.1676264326111.1676264326111.1676264326111.1&b=195689843.1.1676264326112&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f1d26307-0557-43f6-9ea1-d276f913fd27
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHpJQwKk9P%2FRli2N8kpxd21CqxZhc74Jabn8JpZ5h4PCC6qX6x3ZkoIcbua%2BXx0UIF2uGAXwn%2FhrpaHslrr66b5FahYisPTXcmAwMgKJ9k%2BWe%2BGar8EfIwpMSJIKl%2FvrrULBCI04%2B%2Fx677D5Hig5"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 798afda66c32923d-FRA
x-robots-tag: none

GET
H3 200 js
www.googletagmanager.com/gtag/ 129 KB
50 KB 73ms
73ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-725330305

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50822
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Feb 2023 04:58:46 GMT

GET
H3 200 js
www.googletagmanager.com/gtag/ 129 KB
50 KB 74ms
74ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-725330305&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50755
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Feb 2023 04:58:46 GMT

GET
H3 200 js
www.googletagmanager.com/gtag/ 173 KB
63 KB 120ms
120ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-740161488&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64783
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Feb 2023 04:58:46 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 49ms
47ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1215886925&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2010%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ev=0&_u=aCDAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&z=684891204

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5128
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 50ms
48ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1215886925&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2020%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ev=0&_u=aCDAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&z=648271745

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5128
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 50ms
48ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1215886925&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2030%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ev=0&_u=aCDAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&z=1955080381

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5128
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 50ms
48ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1215886925&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2040%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ev=0&_u=aCDAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&z=473618093

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5128
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 51ms
49ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1215886925&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2050%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ev=0&_u=aCDAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&z=766085436

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5128
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 52ms
50ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1215886925&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2060%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ev=0&_u=aCDAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&z=607228528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5128
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 52ms
50ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1215886925&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2070%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ev=0&_u=aCDAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&z=57373711

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5128
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 52ms
51ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1215886925&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2080%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ev=0&_u=aCDAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&z=819164411

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5128
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 52ms
51ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1215886925&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2090%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ev=0&_u=aCDAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&z=583103521

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5128
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 53ms
51ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1215886925&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%20100%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ev=0&_u=aCDAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&z=2019540833

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5128
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json
forms.hubspot.com/lead-flows-config/v1/config/ 254 B
1 KB 244ms
158ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=6693213&utk=4feac193c1dedc13f1601ea20f7473c1&__hstc=195689843.4feac193c1dedc13f1601ea20f7473c1.1676264326111.1676264326111.1676264326111.1&__hssc=195689843.1.1676264326112&currentUrl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: bce61597-8a7c-4a2f-bbeb-a090ffb62973
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://login-gm.atfx.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fONOUKMALw%2BSF30IDYPf6WKdUMWS2%2B1TU%2FI5bKtc754KVwY8hL19o8GOtD7QQuY2K3KOKDuGfsiRLDwY6Rocp9347mC89Hzez9Ym1cl0sIJyjwLNJkvENtxuwgy01Z3QZW%2BD6AHMhxCIlMo8qobf"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 798afda77ab59c0d-FRA

GET index.css
login-gm.atfx.com/static/css/theme/ 0
0

GET
H2 200 Primary Request login Show response
login-gm.atfx.com/ 15 KB
6 KB 230ms
228ms Document
text/html 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/login?lang=en

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/js/app.3e7d45d7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

7e6015c5b1c0cdd5b74eec8cb4b887b710346f07d1ba995e9df40b9c7a9b4115

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://login-gm.atfx.com/login?lang=en
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 5892
content-type: text/html
date: Mon, 13 Feb 2023 04:58:46 GMT
etag: "63e5ae92-2eb3"
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
server-timing: cdn-cache; desc=MISS edge; dur=185 origin; dur=4
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 11955 0 pmb=mRUM,1
x-envoy-upstream-service-time: 1

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/725330305/ 2 KB
960 B 83ms
82ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/725330305/?random=1676264326320&cv=11&fst=1676264326320&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tiba=ATFX%20Client%20Portal&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=2091697523.1676264324&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-725330305

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 889
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/740161488/ 2 KB
956 B 83ms
83ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/740161488/?random=1676264326351&cv=11&fst=1676264326351&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tiba=ATFX%20Client%20Portal&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=2091697523.1676264324&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-740161488&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 889
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
17 B 7ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=661389801117388&ev=Microdata&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&rl=&if=false&ts=1676264326386&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22ATFX%20Client%20Portal%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.95&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1676264324882.1096907519&it=1676264324309&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 13 Feb 2023 04:58:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 /
www.google.com/pagead/1p-user-list/725330305/ 42 B
108 B 49ms
49ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/725330305/?random=1676264326320&cv=11&fst=1676260800000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tiba=ATFX%20Client%20Portal&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3925253414&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/725330305/ 42 B
64 B 48ms
47ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/725330305/?random=1676264326320&cv=11&fst=1676260800000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tiba=ATFX%20Client%20Portal&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3925253414&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/740161488/ 42 B
108 B 49ms
48ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/740161488/?random=1676264326351&cv=11&fst=1676260800000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tiba=ATFX%20Client%20Portal&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2149057884&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/740161488/ 42 B
64 B 48ms
47ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/740161488/?random=1676264326351&cv=11&fst=1676260800000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tiba=ATFX%20Client%20Portal&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2149057884&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST collect
region1.analytics.google.com/g/ 0
0

POST 0
bat.bing.com/actionp/ 0
0

GET hm.gif
hm.baidu.com/ 0
0

GET
H2 200 vendors-app.45c3aedd.css
login-gm.atfx.com/css/ 85 KB
17 KB 328ms
327ms Stylesheet
text/css 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/css/vendors-app.45c3aedd.css

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

f5c0bc154ef72cd3195f9435f64a82bcc65d8eb2d4c9fd8eeecd8d02a94f3bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:46 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-15509"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=146, origin; dur=163
accept-ranges: bytes
content-length: 17532
expires: Mon, 13 Feb 2023 04:58:46 GMT

GET
H2 200 app.003f6e36.css
login-gm.atfx.com/css/ 67 KB
11 KB 334ms
333ms Stylesheet
text/css 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/css/app.003f6e36.css

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

011204246d4138ec264b9b91d50a4bd5c9245a3e590244f6a095f34092f0f98c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:46 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-10b87"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=149, origin; dur=159
accept-ranges: bytes
content-length: 11142
expires: Mon, 13 Feb 2023 04:58:46 GMT

GET
H2 200 logo_zh-hant.png
login-gm.atfx.com/static/img/ 4 KB
4 KB 632ms
626ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-gm.atfx.com/static/img/logo_zh-hant.png

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

f2e329624a41e2cd7ef13d83dedde07666fb2c3741a6e925ca18219d3991a2ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-e02"
content-type: image/png
cache-control: private, max-age=0
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=449, origin; dur=160
accept-ranges: bytes
content-length: 3586
expires: Mon, 13 Feb 2023 04:58:47 GMT

GET
H2 200 indexLanuge.js Show response
login-gm.atfx.com/ 2 KB
801 B 605ms
599ms Script
application/javascript 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/indexLanuge.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

fa85956f083369c2cf8d7fdba0260d79a0a2a35830968af43bcf822ad2baa01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-958"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=MISS, edge; dur=572, origin; dur=7
accept-ranges: bytes
content-length: 515

GET
H2 200 xlsx.mini.js Show response
unpkg.com/xlsx@0.16.0/ 296 KB
84 KB 27ms
21ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/xlsx@0.16.0/xlsx.mini.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8eeb21a517805c2a70a4c9f542c4fae3a46ade3a1ecb7fafa1862f5b63197f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:46 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GS4J7ERZ0CVJ3N586569BN7G-fra
server: cloudflare
etag: W/"49ff8-XFXgaaBK2B/R+WcopKR5pOYJzzQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 798afdab387c3643-FRA

GET
H2 200 forge.min.js Show response
unpkg.com/node-forge@0.9.1/dist/ 283 KB
74 KB 31ms
25ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/node-forge@0.9.1/dist/forge.min.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c97ac62300ca518092eff2cb8c98e589c3b9fb3cd76d6f4201e1e938b122feb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:46 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GS4J7ERXZ95FBWS3K9HQP95B-fra
server: cloudflare
etag: W/"46b9e-WGXANzrBJqXdEGcaUeoJ/fpWF6Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 798afdab387d3643-FRA

GET
H2 200 recur-livechat.js Show response
master.d10i7a7v1hjb2v.amplifyapp.com/ 745 KB
191 KB 229ms
223ms Script
application/javascript 65.9.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://master.d10i7a7v1hjb2v.amplifyapp.com/recur-livechat.js
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-86-77.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bf185d2b8a00d67d9d199c7e089d13bddea38e14030a68cca4e3699039a78d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:48 GMT
content-encoding: gzip
via: 1.1 3ffec0ecfde687fb371812ad42f5cfc2.cloudfront.net (CloudFront)
last-modified: Fri, 14 Oct 2022 04:50:51 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
x-amz-server-side-encryption: AES256
etag: W/"a7a2b5e63e75754efff68575ebae0151"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: 7iHqyrRQT4aiKupjg2ERimJhJLrRcyAuZGs2SyPQGv0vBfiok83B1Q==

GET
H2 200 chunk.crypto-js.1628d69e.js Show response
login-gm.atfx.com/js/ 99 KB
29 KB 251ms
246ms Script
application/javascript 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.crypto-js.1628d69e.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

55146e4beb0d1e16fe104092ed8cb7bc92aa167b2d1227cfca6316b0636ef7df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-18b4e"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=MISS, edge; dur=195, origin; dur=7
accept-ranges: bytes
content-length: 29625

GET
H2 200 chunk.core-js.2599a40e.js Show response
login-gm.atfx.com/js/ 87 KB
29 KB 292ms
292ms Script
application/javascript 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.core-js.2599a40e.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

1fa2f27d40e61b6b580c05e34d446093c5dd809d7803c4ef68ef05524e23ec3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-15ca1"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=MISS, edge; dur=193, origin; dur=3
accept-ranges: bytes
content-length: 29663

GET
H2 200 chunk.element-ui.910a14f6.js Show response
login-gm.atfx.com/js/ 664 KB
162 KB 229ms
223ms Script
application/javascript 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.element-ui.910a14f6.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

72618a0aeea718799117d66290446e824bce3b017c34de88c43a28cff87ee9af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-a5e79"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=MISS, edge; dur=185, origin; dur=3
accept-ranges: bytes

GET
H2 200 chunk.vue.4a1c49a7.js Show response
login-gm.atfx.com/js/ 75 KB
28 KB 1274ms
1266ms Script
application/javascript 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.vue.4a1c49a7.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

20580f9af5de5e2264d9fb10273224b492d5d22b140a1523ba3912ac1e9ab88a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:48 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-12c24"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=MISS, edge; dur=816, origin; dur=21
accept-ranges: bytes
content-length: 28044

GET
H2 200 chunk.lodash.cb30e553.js Show response
login-gm.atfx.com/js/ 68 KB
25 KB 730ms
723ms Script
application/javascript 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.lodash.cb30e553.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

873470d56849b263e38c96bf51b0b884c98d959387de7f9e0134a79cfbb3e7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-10f4e"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=MISS, edge; dur=190, origin; dur=7
accept-ranges: bytes
content-length: 25112

GET
H2 200 chunk.oidc-client.8f078270.js Show response
login-gm.atfx.com/js/ 273 KB
71 KB 535ms
528ms Script
application/javascript 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.oidc-client.8f078270.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

a5a107b924ba9dd5b041f5a96e1b996ed9cecdfbceffea0b702872cc6b0cd121

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-445a1"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=MISS, edge; dur=201, origin; dur=2
accept-ranges: bytes

GET
H2 200 vendors-app.cc11595b.js Show response
login-gm.atfx.com/js/ 878 KB
273 KB 505ms
498ms Script
application/javascript 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/vendors-app.cc11595b.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

a95b8dd024ef75bd712754922bea85f15851105b8a398330cdfb92039d212f58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-db683"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=MISS, edge; dur=206, origin; dur=2
accept-ranges: bytes

GET
H2 200 app.3e7d45d7.js Show response
login-gm.atfx.com/js/ 2 MB
607 KB 333ms
326ms Script
application/javascript 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/app.3e7d45d7.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

7ef2931d3bd802be9e67e6789c378b234b82f61dfabf7dd7dfa62687cde9c6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-2773cd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=0
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=150, origin; dur=160
accept-ranges: bytes
content-length: 620320
expires: Mon, 13 Feb 2023 04:58:47 GMT

GET
H2 200 index.css
login-gm.atfx.com/static/css/theme/ 0
77 KB 350ms
343ms Other
text/css 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/static/css/theme/index.css

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-100554"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=148, origin; dur=159
accept-ranges: bytes
expires: Mon, 13 Feb 2023 04:58:47 GMT

GET
H2 200 index.css
login-gm.atfx.com/static/css/theme/ 1 MB
77 KB 355ms
350ms Stylesheet
text/css 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/static/css/theme/index.css

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

b05da04ed5778632c6f9a861a1bc26b0d536d5e63aece0b547abeed977a24c5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-100554"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=157, origin; dur=156
accept-ranges: bytes
expires: Mon, 13 Feb 2023 04:58:47 GMT

GET
H2 200 V2UHH-T34F7-YEC6S-FU52F-HJLLF Show response
s.go-mpulse.net/boomerang/ Frame EFC4 202 KB
51 KB 8ms
8ms Script
application/javascript 2a02:26f0:3500:592::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/V2UHH-T34F7-YEC6S-FU52F-HJLLF
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:592::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:46 GMT
content-encoding: br
last-modified: Mon, 09 Jan 2023 07:58:20 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
x-n: S
timing-allow-origin: *
content-length: 51580

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 357 KB
98 KB 75ms
71ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d6dab45188c197848c3b441ed71c5ac6e2bbf27a4f9017b6df2378a9ddee93e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100302
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 356ms
352ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?61ac16100c228c043039c8a2ba9e8829

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

4b079f20bf643e89698b5c390b3b533f9782d55142e6109a1cab67d86869499e

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 04:58:47 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 407882d4063259dc8151100fcdac3508
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11265

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 356ms
352ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?f6a7ea91aaa56510db1faa27ec9e41c1

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

d49b7c1a3e5c9b18115710fcb415031aef60a04661cb1e47e2a48cef608b53c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 04:58:47 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 793b9cd67fb5951e3b03f237c607507d
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11256

GET
H2 200 launch-9724699d2dd6.min.js Show response
assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/ 150 KB
47 KB 12ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/launch-9724699d2dd6.min.js
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7d7643dd6043bcdde15382b1e39d8720150395f412e8b2e7b5e44e204ffa3cec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:46 GMT
content-encoding: gzip
last-modified: Fri, 27 Jan 2023 07:13:03 GMT
server: AkamaiNetStorage
etag: "ceb733af1bbb16d16c3bcc3486d13f6b:1674803583.010398"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login-gm.atfx.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 48145
expires: Mon, 13 Feb 2023 05:58:46 GMT

GET
H2 200 Muli-Regular.c9c98d2b.woff
login-gm.atfx.com/fonts/ 50 KB
50 KB 345ms
341ms Font
application/font-woff 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/fonts/Muli-Regular.c9c98d2b.woff

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/css/app.003f6e36.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

73d390d4a7b9b8b5d1fd8efee66f3cd6487282b44322af02e933ad1bdb5eadaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://login-gm.atfx.com/css/app.003f6e36.css
Origin: https://login-gm.atfx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-c7f8"
content-type: application/font-woff
cache-control: private, max-age=0
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=152, origin; dur=160
accept-ranges: bytes
content-length: 51192
expires: Mon, 13 Feb 2023 04:58:47 GMT

GET
H2 200 new_logo.webp
login-gm.atfx.com/static/img/ 4 KB
4 KB 212ms
208ms Image
image/webp 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-gm.atfx.com/static/img/new_logo.webp

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

ab8d6fa3589d2aaf852aaff25ef9ba685ee97708b5e9b38968bb29b936da48b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-f94"
content-type: image/webp
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=MISS, edge; dur=189, origin; dur=3
accept-ranges: bytes
content-length: 3988

GET
H2 200 loading.webm
login-gm.atfx.com/static/img/ 2 KB
3 KB 217ms
214ms Image
video/webm 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-gm.atfx.com/static/img/loading.webm

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

b4b36f862fae672a6d926130bebeb95c5cedc5eab58e9ebb7d940a6e5014d9d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-9e8"
content-type: video/webm
x-envoy-upstream-service-time: 5
server-timing: cdn-cache; desc=MISS, edge; dur=189, origin; dur=9
accept-ranges: bytes
content-length: 2536

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame EFC4 1 KB
942 B 48ms
47ms XHR
application/json 2a02:26f0:dc:394::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=V2UHH-T34F7-YEC6S-FU52F-HJLLF&d=login-gm.atfx.com&t=5587548&v=1.632.0&if=&sl=0&si=addaa50wibc-rq05tw&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=619580
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/V2UHH-T34F7-YEC6S-FU52F-HJLLF
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:dc:394::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7ab4d04982b744dc84f89ab7c7afbaf67295e27e21f3d005fa2a93a065dc0602

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 04:58:46 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 622

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/launch-9724699d2dd6.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:46 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12384
expires: Mon, 13 Feb 2023 05:58:46 GMT

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/launch-9724699d2dd6.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:46 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1598
expires: Mon, 13 Feb 2023 05:58:46 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 48ms
47ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 13 Feb 2023 03:12:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6401
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 13 Feb 2023 05:12:06 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/819544204/ 2 KB
898 B 100ms
99ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819544204/?random=1676264327042&cv=11&fst=1676264327042&bg=ffffff&guid=ON&async=1&gtm=45He3280&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tiba=ATFX%20Client%20Portal&auid=2091697523.1676264324&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9203e6b819c805a5808f645ca836302e1d74a20f5f2eade869fc54b29a663ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 874
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CKnNj57bkf0CFeagUQodKgEBcQ;src=10352767;type=homevist;cat=atfxc0;ord=3045302000830;gtm=45He3280;auiddc=2091697523.1676264324;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den Show response
10352767.fls.doubleclick.net/ Frame 8A68
Redirect Chain

https://10352767.fls.doubleclick.net/activityi;src=10352767;type=homevist;cat=atfxc0;ord=3045302000830;gtm=45He3280;auiddc=2091697523.1676264324;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang...
https://10352767.fls.doubleclick.net/activityi;dc_pre=CKnNj57bkf0CFeagUQodKgEBcQ;src=10352767;type=homevist;cat=atfxc0;ord=3045302000830;gtm=45He3280;auiddc=2091697523.1676264324;~oref=https%3A%2F%...

415 B
259 B

98ms
98ms

Document
text/html

142.251.39.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10352767.fls.doubleclick.net/activityi;dc_pre=CKnNj57bkf0CFeagUQodKgEBcQ;src=10352767;type=homevist;cat=atfxc0;ord=3045302000830;gtm=45He3280;auiddc=2091697523.1676264324;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f6.1e100.net

Software

cafe /

Resource Hash

93b30254735f4e6ae034272443ff1b987974046a67bcdf5e72a52d6ffdd1a7df

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login-gm.atfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 236
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 04:58:47 GMT
expires: Mon, 13 Feb 2023 04:58:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 04:58:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10352767.fls.doubleclick.net/activityi;dc_pre=CKnNj57bkf0CFeagUQodKgEBcQ;src=10352767;type=homevist;cat=atfxc0;ord=3045302000830;gtm=45He3280;auiddc=2091697523.1676264324;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
11 KB 30ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 13 Feb 2023 04:58:46 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AA8E964CCBAC4DA6A7B7FDF87EF7E020 Ref B: FRAEDGE1421 Ref C: 2023-02-13T04:58:47Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 19ms
18ms Script
application/x-javascript 2a02:26f0:11a::6867:4832
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::6867:4832 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=67291
accept-ranges: bytes
content-length: 4777

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 7ms
6ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-hhn-etou8220085-HHN

GET
H2 200 6693213.js Show response
js.hs-scripts.com/ 2 KB
633 B 16ms
15ms Script
application/javascript 2606:4700::6811:d3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/6693213.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee637adf34929d2c168d8142d7340fd1a6c5ab880c113fedfa83ae9ac24fcd69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
content-encoding: br
cf-cache-status: HIT
x-hubspot-correlation-id: 00344bda-301d-41a1-a586-885b87041380
age: 3
cf-polished: origSize=1977
cf-bgj: minify
last-modified: Mon, 13 Feb 2023 04:58:44 GMT
server: cloudflare
x-trace: 2B10319B921B4A13BA255E31CB48244DDC6D7C491E000000000000000000
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://login-gm.atfx.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 798afdac1d2c9bf5-FRA
expires: Mon, 13 Feb 2023 04:59:47 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
27 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 13 Feb 2023 04:58:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: y9NgjJIK5zreXPBnvNp1tLo8lAE6RuDvd8hBGkUJai9XGa8MAVU5Q0rSeIwvfF/Fue7jR6sgjOKgG811RmD+hQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 p.js Show response
my.rtmark.net/ 697 B
1 KB 14ms
13ms Script
text/javascript 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/p.js?f=sync&lr=1&partner=74e2657408ebf1142593e1f582b1d7f20f72d502de7f3cc5704748e1aa962fba

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

10ab237d847c442817c877542e4db7ee1be867bba46b692ef9832204fcad62ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 697

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/UVYGNOCARNBIDOW25C5BBP/ 71 KB
21 KB 11ms
10ms Script
text/javascript 2600:9000:20eb:9200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/UVYGNOCARNBIDOW25C5BBP/roundtrip.js
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50f0ed11d40805b9e2980d4831f74838b68ead238243324ba9d64e8e45f586b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

X-Amz-Version-Id: 4SX1kwv86q10f3PY6W4ggUajoFDULccH
Content-Encoding: gzip
Via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Date: Mon, 13 Feb 2023 04:58:44 GMT
Age: 1966
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Sun, 12 Feb 2023 17:06:00 GMT
Server: AmazonS3
Etag: W/"bc6e136b4bc527b382d05f12556cd66f"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: dFmnTv99yudASwRykC7k-vcBkgFbqIc73rGbkrnioFnnfyqFPlG--g==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 125ms
125ms Script
application/javascript 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8UO16TOAEBOBK55C9FG&lib=ttq
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7bb786a7875b7ba84efb7dcf5e58fa5ac6d834849b9ac31452f0147648eb8448

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-akamai-request-id: cdc8e503.3238b057
date: Mon, 13 Feb 2023 04:58:47 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 102,23.202.121.139
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=4, inner; dur=2
content-length: 1401
pragma: no-cache
server: nginx
x-tt-logid: 20230213045847D974FEA039EC5330F609
x-cache-remote: TCP_MISS from a23-220-105-132.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 4,23.220.105.132
x-tt-trace-host: 018debac48b254c96e084d365932782b4d0c4434c14ac48e100450ec5665d4b65e347ec9d5e277cd7b0541bf164491a1f8de8a6b0d65a362b51e683838046072c38f4ae5eeea5510a191b5f35f88180634999722917c0166a10d3405ff58037cb78485a78cacf2dba1a736532347d600fa
expires: Mon, 13 Feb 2023 04:58:47 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
76 KB 78ms
78ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6Y793BN4BT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8580a2fbc6fd976e4471b165165640d0f94b7d156e365a3a245189dcd411c30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78179
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 13 Feb 2023 04:58:47 GMT

GET
H2 200 adsct
t.co/i/ 43 B
117 B 115ms
114ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=2543fc10-8396-4264-992a-bfec206f08c1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=85e8e384-c56f-4e23-8f31-c51e5d581ee7&tw_document_href=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7h61&type=javascript&version=2.3.29

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-response-time: 106
date: Mon, 13 Feb 2023 04:58:46 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: c65048b4a10778e4
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 5dffd54cf74f6a22b2b14fdeedb75d0decaf9cb65c47a6a2f09731c3f8091635
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
117 B 113ms
113ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=2543fc10-8396-4264-992a-bfec206f08c1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=85e8e384-c56f-4e23-8f31-c51e5d581ee7&tw_document_href=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7h61&type=javascript&version=2.3.29

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-response-time: 106
date: Mon, 13 Feb 2023 04:58:46 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 7082dfa34641cd7c
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: eab2e007c1bf436bf2c3be5f45a289806e66df56a258cf9247c200673beed147
content-length: 43

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/UVYGNOCARNBIDOW25C5BBP/index.js
https://s.adroll.com/j/exp/index.js

28 B
784 B

8ms
8ms

Script
application/javascript

2600:9000:20eb:9200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en
Protocol: HTTP/1.1
Server: 2600:9000:20eb:9200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

X-Amz-Version-Id: CiD7z5Qr2ECIL.Zbw84rFXTGVfvZ9kAA
Date: Sun, 12 Feb 2023 19:41:01 GMT
Via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Age: 33531
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Thu, 01 Dec 2022 00:29:34 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: s5ZQeOGkyU-bk9QYlnCvj8_2g4zrdNNk9QuoZrgQyrgZBtB7bZE7pg==

Redirect headers

Date: Sun, 12 Feb 2023 11:02:28 GMT
Via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
Age: 64578
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: E07taHFidMcuruXH0NhWgAeLZLYd0Y0EbXAF_h3rU-A_RKV4e7t-mg==

GET
H3 200 661389801117388 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/661389801117388?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

faed0a48e33f3dd5974fa6cf42f6a89e090e16af4e38d7b4e633038b5a79abf4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 13 Feb 2023 04:58:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110566
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: nDMyTbBuL5fxooZUvL3xKO2LNdqIPN1Wnf49ond0n8Ex0xuaxTDc8vdLwT7uAmZybzbya1jpC6UGgLeJsuD8wA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 26ms
26ms Script
application/javascript 2606:4700::6811:71b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6693213.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7455fff3d4e08245186e113636f69cbc44679bdf8870de5e4fd9a835e3d2e93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
x-amz-version-id: voeLZ8jD1qAOp4h9t0pVQ2YHSdN3ebgQ
via: 1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 39
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.317/bundles/pixels-release.js&cfRay=798afcb8aa0b35f3-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 31 Jan 2023 04:09:31 UTC
server: cloudflare
etag: W/"bde7af4ffd2c05ea8423271f767ebc69"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: MISS
cache-control: max-age=600
cf-ray: 798afdac38ec35ed-FRA
x-amz-cf-id: odpv5mUOm0qNv-JVDmXTn2gzNKtzfV9HJn5zm5DQrPj1jeqZVVdL3A==
x-hs-target-asset: adsscriptloaderstatic/static-1.317/bundles/pixels-release.js

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 544 KB
86 KB 28ms
28ms Script
application/javascript 2606:4700::6811:e8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6693213.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e8cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd43cd92e272c2e3872abd9559900116d85f2899e76c00015c59360060bcf062

Request headers

Referer: https://login-gm.atfx.com/
Origin: https://login-gm.atfx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
x-amz-version-id: 9g41IgVIr3w9wyiFOHn4rgapkQc72OJD
via: 1.1 c13d71f8919c23db6bbd1c08a4dfb350.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 3
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1134/bundle/main/lead-flows-release.js&cfRay=798afd9d4f539bf2-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Thu, 02 Feb 2023 01:26:06 UTC
server: cloudflare
etag: W/"998dfd36d3c4078a3a05a1a77e61963c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 798afdac3bd69bf2-FRA
x-amz-cf-id: wjhl2UGR0lkvT5qxMdYdVJUhFevL2GFR2W9l8waK0gT-2ohLvznRyw==
x-hs-target-asset: lead-flows-js/static-1.1134/bundle/main/lead-flows-release.js

GET
H2 200 6693213.js Show response
js.hs-banner.com/ 93 KB
19 KB 24ms
23ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/6693213.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6693213.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00bb32d0a96534e8cedfc21e92028ce13af2548d0737f84ef554c63b9ecee2a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
x-amz-version-id: G5MCFojZCw7IVpBAtyw5w7g4mKO0GFHl
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 3D60RCJWV32SZNJM
age: 275
x-amz-server-side-encryption: AES256
x-amz-id-2: YTEPAZrx8qUpumdyS0K5WaXhOc98cUnCsJOtFPMPp3ZwANR9sX9jSGpPp9NGht2txMInQuG7yeM=
last-modified: Wed, 14 Dec 2022 05:46:51 GMT
server: cloudflare
etag: W/"acb0560b1cdf198f8bbcd8d42744153a"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://lp.atcapital.group
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 798afdac3e1190e2-FRA
expires: Mon, 13 Feb 2023 04:59:12 GMT

GET
H2 200 6693213.js Show response
js.hs-analytics.net/analytics/1676264100000/ 65 KB
20 KB 16ms
15ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1676264100000/6693213.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6693213.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 185daa7db5564bb45449147b73a658b4ec0d9445abffa9426d308cf5aad24300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: AM6K9ADBCTMBEQ7S
age: 3
x-amz-server-side-encryption: AES256
x-amz-id-2: ZuvNii0jgd1TW5g9XwkXjRuEPsa3+dQw33wEVj3u02VkreR+5KKcZu9jHfSmOKv4SrjAMM1V3gU=
last-modified: Wed, 18 Jan 2023 20:15:24 GMT
server: cloudflare
etag: W/"67cecf529c861bd9b27a71c6e4eae359"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 798afdac3a073827-FRA
expires: Mon, 13 Feb 2023 05:03:44 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1676264327073&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1676264327073&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&e_ipv6=AQKwnFDppumYKQAAAYZJI8f7K19ZBDptXxTA1_t4H-p_YG559yTiqe5...

0
144 B

178ms
178ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1676264327073&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&e_ipv6=AQKwnFDppumYKQAAAYZJI8f7K19ZBDptXxTA1_t4H-p_YG559yTiqe5-0lu0FnnI2r7_WDJG
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:46 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: FCBA59FB0A7E49BDA300A2EDE08B8DB7 Ref B: FRAEDGE1715 Ref C: 2023-02-13T04:58:47Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX0jbPIKAx0ypQv3MmIHA==

Redirect headers

date: Mon, 13 Feb 2023 04:58:46 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: DD6694106E9146A6968E19B46909EDDA Ref B: FRAEDGE1708 Ref C: 2023-02-13T04:58:47Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1676264327073&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&e_ipv6=AQKwnFDppumYKQAAAYZJI8f7K19ZBDptXxTA1_t4H-p_YG559yTiqe5-0lu0FnnI2r7_WDJG
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX0jbPFFyQCoSwaUMRGeQ==

GET
H2 204 56384898.js Show response
bat.bing.com/p/action/ 0
117 B 139ms
135ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56384898.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 13 Feb 2023 04:58:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AB662CB867A24F778F8288F6A0D85013 Ref B: FRAEDGE1421 Ref C: 2023-02-13T04:58:47Z
x-cache: CONFIG_NOCACHE

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=661389801117388&ev=PageView&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&rl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&if=false&ts=1676264327099&sw=1600&sh=1200&v=2.9.95&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1676264324882.1096907519&it=1676264327070&coo=false&rqm=GET

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 13 Feb 2023 04:58:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
47ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2720256&t=pageview&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QCCAiAABBAAAAAAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&z=1211855599

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5129
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/819544204/ 42 B
64 B 47ms
47ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/819544204/?random=1676264327042&cv=11&fst=1676260800000&bg=ffffff&guid=ON&async=1&gtm=45He3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tiba=ATFX%20Client%20Portal&fmt=3&is_vtc=1&random=116327371&rmt_tld=0&ipr=y

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/819544204/ 42 B
64 B 46ms
46ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/819544204/?random=1676264327042&cv=11&fst=1676260800000&bg=ffffff&guid=ON&async=1&gtm=45He3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tiba=ATFX%20Client%20Portal&fmt=3&is_vtc=1&random=116327371&rmt_tld=1&ipr=y

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UVYGNOCARNBIDOW25C5BBP Show response
d.adroll.com/consent/check/ 463 B
555 B 27ms
27ms Script
application/javascript 2a05:d018:cc3:fe04:6457:e8bb:899e:1869
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/UVYGNOCARNBIDOW25C5BBP?pv=39142229512.565544&arrfrr=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&_s=a928c982260406981194142387fd9659&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/UVYGNOCARNBIDOW25C5BBP/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:6457:e8bb:899e:1869 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 014bdc7b05fd8dd839b68b41d4e15d9aa77af1c993bdc225aa7532534f30b010

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
server: nginx/1.22.1
content-length: 463
content-type: application/javascript

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 230 KB
79 KB 71ms
71ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-RB6RNN86NX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Y793BN4BT&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d85acbee4e5e00d6a721a753cb3491f13f47b35c93cc4abfbf66b09a755345a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80475
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 13 Feb 2023 04:58:47 GMT

GET
H2 200 dc_pre=CKnNj57bkf0CFeagUQodKgEBcQ;src=10352767;type=homevist;cat=atfxc0;ord=3045302000830;gtm=45He3280;auiddc=*;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den
adservice.google.com/ddm/fls/z/ Frame 8A68 42 B
107 B 76ms
73ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKnNj57bkf0CFeagUQodKgEBcQ;src=10352767;type=homevist;cat=atfxc0;ord=3045302000830;gtm=45He3280;auiddc=*;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den

Requested by

Host: 10352767.fls.doubleclick.net
URL: https://10352767.fls.doubleclick.net/activityi;dc_pre=CKnNj57bkf0CFeagUQodKgEBcQ;src=10352767;type=homevist;cat=atfxc0;ord=3045302000830;gtm=45He3280;auiddc=2091697523.1676264324;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10352767.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MWNiNWY1N2YyNA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 263 KB
70 KB 24ms
21ms Script
application/javascript 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8UO16TOAEBOBK55C9FG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fabc5a49269ec5c2dc576471f74f5b0f5c935017e8080f88a9e70524181c6c3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-akamai-request-id: 3238b0ef
date: Mon, 13 Feb 2023 04:58:47 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023020721085334801A0C4FB0C69178B4
vary: Accept-Encoding
x-cache: TCP_HIT from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01b74ddcab41230b6b9661be7434ed2bb8f5ac280f8a7a5ae70e7c97bc2bf9dcecb9f58237225b5dcdbcc5f4b463c609952936348f2c044947107ec2243448c38657c739eae4fbafa68852aec201bfe078905a5c98f362c79a36ea13f19e2fee32
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=12
content-length: 71073

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 350ms
349ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?hca=967D1A95555B4589&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=791%2C790&et=3&ja=0&ln=en-us&lo=0&rnd=714034964&si=61ac16100c228c043039c8a2ba9e8829&v=1.3.0&lv=1&sn=10096&r=0&ww=1600&u=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 04:58:47 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 351ms
350ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&lt=1676264326&rnd=750422399&si=61ac16100c228c043039c8a2ba9e8829&su=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&v=1.3.0&lv=2&sn=10097&r=0&ww=1600&u=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tt=ATFX%20Client%20Portal

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 04:58:47 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 identify_5f1fb.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 22ms
22ms Script
application/javascript 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_5f1fb.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-akamai-request-id: 3238b149
date: Mon, 13 Feb 2023 04:58:47 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202302072108334F776667E8C87D15DD00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01be4a2790561c544e7ddbdb8e097a0bec166579a341868a960b6b49542969a3087e53e43bd7f40d2026fcca1261e4ed136a34e0e1a4dfdcacb5942f49478fb746fa4faf7c73e0c8824e0ea427b6120dded43c0dea8ef6cc9559212b335c8fe009
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=9
content-length: 30688

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
702 B 456ms
455ms Ping
text/plain 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2b205685.3238b15b
date: Mon, 13 Feb 2023 04:58:47 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 366,23.202.121.139
server-timing: cdn-cache; desc=MISS, edge; dur=232, origin; dur=175, inner; dur=127
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230213045847D110353E702DCCD7FC7D
x-cache-remote: TCP_MISS from a184-25-157-168.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 175,184.25.157.168
x-tt-trace-host: 018debac48b254c96e084d365932782b4d0c4434c14ac48e100450ec5665d4b65e6126fa9b5144fc5098e42bf2243256fd238c644c3aab83d69c2012f9cb9df301bb293f02cb446b358d064fd7d67df3560e9deba1f5f054d7611987cb0b3834b9500ee4935620fafad8715b8dfba28f3f
expires: Mon, 13 Feb 2023 04:58:47 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
693 B 162ms
161ms Ping
text/plain 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5fe8e182.3238b161
date: Mon, 13 Feb 2023 04:58:47 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 108,23.202.121.139
server-timing: cdn-cache; desc=MISS, edge; dur=127, origin; dur=9, inner; dur=7
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023021304584765FB0758041007D32C10
x-cache-remote: TCP_MISS from a23-220-105-135.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.220.105.135
x-tt-trace-host: 018debac48b254c96e084d365932782b4d0c4434c14ac48e100450ec5665d4b65e429cc8575ceb10fdb4d4795726b094174a500ae7213141a161736a5fdfb27869d35a31e43bed7606ae06e556b18c5f2f0546bd29123701e7a77c209847d1e211235868266b18888b43faa62dbcea76bc
expires: Mon, 13 Feb 2023 04:58:47 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
552 B 143ms
142ms Ping
text/plain 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:47 GMT
x-akamai-request-id: 3238b162
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202302130458477A44E8967AE842CD49B0
x-cache: TCP_MISS from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 110,23.202.121.139
x-tt-trace-host: 018debac48b254c96e084d365932782b4d0c4434c14ac48e100450ec5665d4b65eb087f3c64ce07ec4533e1df055b92681aafe0f8ccc82567dd425b645757e990505c9ac872f85096d2cebd5d84f0aed396953179badb072c393e8be6633b5ce46
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=5, origin; dur=109
content-length: 0
expires: Mon, 13 Feb 2023 04:58:47 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
554 B 264ms
264ms Ping
text/plain 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:47 GMT
x-akamai-request-id: 3238b163
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230213045847652AD761337F8504B00D
x-cache: TCP_MISS from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 227,23.202.121.139
x-tt-trace-host: 018debac48b254c96e084d365932782b4d0c4434c14ac48e100450ec5665d4b65e6ba7e3a676f1bc0f9ec3f867d46d4ec1e80a4dbaf8236d767ba61e29e1567775bcd5343dc2650a783725446ecdbda7ec948e97c96689fb7f61e3a2fabbec48c6
server-timing: inner; dur=118, cdn-cache; desc=MISS, edge; dur=5, origin; dur=227
content-length: 0
expires: Mon, 13 Feb 2023 04:58:47 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
694 B 149ms
149ms Ping
text/plain 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 24d1ea78.3238b164
date: Mon, 13 Feb 2023 04:58:47 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 105,23.202.121.139
server-timing: cdn-cache; desc=MISS, edge; dur=103, origin; dur=9, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202302130458479B3C2A706DF112B9E7D6
x-cache-remote: TCP_MISS from a184-25-157-170.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,184.25.157.170
x-tt-trace-host: 018debac48b254c96e084d365932782b4d0c4434c14ac48e100450ec5665d4b65e18399423458041acd705c038f6475d5433b9be27e68ff66e73953486170336236ffe0c551366e80cd18b9b38f51181b8682db0a5a8c647255ad13ca8f205df2910b76ab25d155a1bbd3fb7259156aabc
expires: Mon, 13 Feb 2023 04:58:47 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
555 B 300ms
300ms Ping
text/plain 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:47 GMT
x-akamai-request-id: 3238b17b
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230213045847AF62B6B9FBDBD14CD6CF
x-cache: TCP_MISS from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 199,23.202.121.139
x-tt-trace-host: 018debac48b254c96e084d365932782b4d0c4434c14ac48e100450ec5665d4b65e4bb309654579f633a6889479217b3a00c71a30e2c780dd65a4ee273e75e921ea27e343192240ce84914c7e9fd41cd33467817b7480d77c3e89ea03c88216790e
server-timing: inner; dur=85, cdn-cache; desc=MISS, edge; dur=39, origin; dur=198
content-length: 0
expires: Mon, 13 Feb 2023 04:58:47 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
550 B 181ms
181ms Ping
text/plain 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:47 GMT
x-akamai-request-id: 3238b186
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202302130458479294782A26CA362E0CFB
x-cache: TCP_MISS from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 105,23.202.121.139
x-tt-trace-host: 018debac48b254c96e084d365932782b4d0c4434c14ac48e100450ec5665d4b65e4995b3ff716e02f69410a5a61ea0a0a0a08c5e2fbeba0333efb907645e136c7dba488e428fc2e252ce5c06531c21cb3c16f0311a0c1b8f73819b6200653113ac
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=4, origin; dur=105
content-length: 0
expires: Mon, 13 Feb 2023 04:58:47 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
693 B 202ms
202ms Ping
text/plain 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2136e148.3238b187
date: Mon, 13 Feb 2023 04:58:47 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 121,23.202.121.139
server-timing: cdn-cache; desc=MISS, edge; dur=104, origin; dur=22, inner; dur=17
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202302130458475C71DA53C5A397EE09EC
x-cache-remote: TCP_MISS from a23-220-105-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 22,23.220.105.138
x-tt-trace-host: 018debac48b254c96e084d365932782b4d0c4434c14ac48e100450ec5665d4b65eae8dfca1fc04e551c212ae244eaa11531affcba365c510a3d3501df7d8271e3acbca8ba0bfcdef675a80a31282144ce206bdea021b81dc70aa3b28c4bf7544f30d20bfb27db285fc3768a2db27462bc8
expires: Mon, 13 Feb 2023 04:58:47 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
552 B 195ms
195ms Ping
text/plain 95.101.75.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:47 GMT
x-akamai-request-id: 3238b188
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230213045847DC68D934789997A11C7E
x-cache: TCP_MISS from a23-202-121-139.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 112,23.202.121.139
x-tt-trace-host: 018debac48b254c96e084d365932782b4d0c4434c14ac48e100450ec5665d4b65efb6996ab2f7cc87411b28bdf213dab027572e3687d05a8f854cc0ce798a296ab3e8bb84db4b9c10b9e51cd87d9b0ccee6ca7bc3ad884a7bb52a0068c28e6236c
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=5, origin; dur=111
content-length: 0
expires: Mon, 13 Feb 2023 04:58:47 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 344ms
343ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?hca=76E7C3721C6F5485&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=1083%2C1083&et=3&ja=0&ln=en-us&lo=0&rnd=139627197&si=f6a7ea91aaa56510db1faa27ec9e41c1&v=1.3.0&lv=1&sn=10095&r=0&ww=1600&u=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 04:58:47 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 483ms
345ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&lt=1676264325&rnd=333137508&si=f6a7ea91aaa56510db1faa27ec9e41c1&su=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&v=1.3.0&lv=2&sn=10098&r=0&ww=1600&u=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tt=ATFX%20Client%20Portal

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 04:58:47 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 img.gif
my.rtmark.net/ 43 B
490 B 15ms
15ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&partner=74e2657408ebf1142593e1f582b1d7f20f72d502de7f3cc5704748e1aa962fba&ttl=&rurl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:47 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-152401985-5&cid=804768484.1676264324&jid=91620938&gjid=1748830909&_gid=2083993560.1676264324&_u=SCCAiAABBAAAAEAAI~&z=703073929

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 13 Feb 2023 04:58:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
47ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2720256&t=event&ni=0&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=1second&ea=1second&el=1second&ev=1&_u=SCCAiAABBAAAAAAAI~&jid=91620938&gjid=1748830909&cid=804768484.1676264324&tid=UA-152401985-5&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&z=457245551

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5130
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
47ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2720256&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=onsite%20events&ea=geolocation&el=DE&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&cd8=DE&z=1835025800

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5130
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conf Show response
at-client-portal-api.atfx.com/setting/ 56 B
458 B 951ms
803ms XHR
application/json 2a02:26f0:3500:14::1724:a258
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://at-client-portal-api.atfx.com/setting/conf?data=3D21YIvbpxtQuMbhInjUHag80a4d9QBAtOtuaR64S4rpoaS3rzVtM1a8BJu30LAYUqXP5ZiJTu5rpd%2F6yJy4XfrzsGS%2BfNEOPDc%2BUkDrfqg%3D

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/js/vendors-app.cc11595b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a258 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy / Express

Resource Hash

0b7a11c4d34830d32ee191d8cd4b01a886a59e4fa9065f0ef61bcbc5f42e5ea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:49 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
server: istio-envoy
x-powered-by: Express
etag: W/"38-WlNLrsWdqPqv4ntTFfWeRARZ9WU"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 29
server-timing: cdn-cache; desc=MISS, edge; dur=763, origin; dur=31, ak_p; desc="465628_388276248_96861429_79409_3035_5_0";dur=1
content-length: 56
expires: Mon, 13 Feb 2023 04:58:49 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 169 B
499 B 132ms
132ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=6693213

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e9866bb713a4194b11734cf3a728872a90b22d2a68d8f2d16abf9fe65b82d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 5d0e09a2-5208-433e-9c01-afeaad79d50d
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B76C840593DE44409A03E423FCF074E73CA647B82000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://login-gm.atfx.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ddm%2BnBzCqc%2FJ1n%2Fmc%2FdqP1Ex6VD1fEtF1ItjlSN5E5mZZqkOYqVV75tYEFix8D0tImIA5aS0u5eUFsl%2FYknWym07ci%2FozfC08LQkQs9v6DaYzBBhXonscJ34PsGlVog8X7ADPfOkJNtKwRV7"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cf-ray: 798afdb40b4e6949-FRA
access-control-allow-headers: *

GET
H2 204 0
bat.bing.com/action/ 0
120 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56384898&tm=gtm002&Ver=2&mid=e918c004-0f6b-428d-80cd-a6a6049baa06&sid=187f9240ab5b11edb955fd4511aeb241&vid=187fbea0ab5b11ed84f40b8cdbef4dae&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=ATFX%20Client%20Portal&p=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&r=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&lt=2056&evt=pageLoad&sv=1&rn=458713

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 Feb 2023 04:58:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7C3743AEA97449B9A12D8B6665F93297 Ref B: FRAEDGE1421 Ref C: 2023-02-13T04:58:48Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
47ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2720256&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=onsite%20events&ea=setting%20entity&el=setting%20entity&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&cd3=CY&cd8=DE&z=472378469

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login?lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5130
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
381 B 122ms
121ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2789099452&v=1.1&a=6693213&r=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&pu=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&t=ATFX+Client+Portal&cts=1676264328388&vi=4feac193c1dedc13f1601ea20f7473c1&nc=false&u=195689843.4feac193c1dedc13f1601ea20f7473c1.1676264326111.1676264326111.1676264326111.1&b=195689843.2.1676264326112&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: cd7f4000-b929-4f71-a4b5-b4fd4e079cf5
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TtBQ9HkdwOcLHp3dnPC5ienWBL1401H9WMlDxQFMXhgcD86TVW%2BPfIF6K%2B6CxaxeysmcRiM8AB2PFFtoe8ORT4jTWl85UxRpNLR%2FkHtUj48egGqDbAX%2F4Ap%2FlQthPzrc2O0x8Hpy5rLhOgz8vrY"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 798afdb47b49923d-FRA
x-robots-tag: none

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
47ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2720256&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2010%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ev=0&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&cd3=CY&cd8=DE&z=1418911605

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5130
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 50ms
47ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2720256&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2020%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ev=0&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&cd3=CY&cd8=DE&z=952446937

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5130
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 50ms
47ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2720256&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2030%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ev=0&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&cd3=CY&cd8=DE&z=592387418

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5130
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 50ms
47ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2720256&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2040%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ev=0&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&cd3=CY&cd8=DE&z=1899334054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5130
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 51ms
48ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2720256&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2050%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ev=0&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&cd3=CY&cd8=DE&z=1280366511

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5130
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 51ms
49ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2720256&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2060%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ev=0&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&cd3=CY&cd8=DE&z=1809761443

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5130
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 52ms
49ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2720256&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2070%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ev=0&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&cd3=CY&cd8=DE&z=1686323136

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5130
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 52ms
49ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2720256&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2080%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ev=0&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&cd3=CY&cd8=DE&z=909093277

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5130
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 52ms
50ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2720256&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2090%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ev=0&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&cd3=CY&cd8=DE&z=1937581463

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5130
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 53ms
50ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2720256&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%20100%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ev=0&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=804768484.1676264324&tid=UA-152401985-1&_gid=2083993560.1676264324&gtm=45He3280n81W5P72GF&cd3=CY&cd8=DE&z=572749665

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5130
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 254 B
726 B 135ms
134ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=6693213&utk=4feac193c1dedc13f1601ea20f7473c1&__hstc=195689843.4feac193c1dedc13f1601ea20f7473c1.1676264326111.1676264326111.1676264326111.1&__hssc=195689843.2.1676264326112&referrer=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&currentUrl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

408793d10a1af43527efc25cfe98375f0b04303d5a39d2773ba1fae49ed7e2e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: fb081f37-321e-4d6b-a727-3751ab399e5a
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://login-gm.atfx.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTRayq8iXQeEAqEDxlUpN8m15NmG82QJkJyY8%2B3kzbEUZCyz2f4NeSZiVQ8o%2B7eZ9KXbeQIge5vfV6rHqM0iVGTcy0%2F6ubMOHmyC7i%2BA8Xj8VJeYPyO45T0al7%2BnD2z%2BO6LaW3EwMtMjSIyCwAZf"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 798afdb4cbe49c0d-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 129 KB
50 KB 74ms
73ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-725330305

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e36c32717961275712554db490cedad822e089503776b7ec25186c764cd11f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50767
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Feb 2023 04:58:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 129 KB
50 KB 74ms
74ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-725330305&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a651f03b0281c935cf58f6b7ec1b9dcb37c0b73a28f37a281a75022575b3b301

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50752
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Feb 2023 04:58:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 75ms
75ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-740161488&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9d691907d6c322fc9f83897c6158f134c63b58304420e22769b72fc7558d3d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64783
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Feb 2023 04:58:48 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/725330305/ 2 KB
920 B 51ms
51ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/725330305/?random=1676264328566&cv=11&fst=1676264328566&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tiba=ATFX%20Client%20Portal&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=2091697523.1676264324&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-725330305

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4da153d559e3302f16b980dcb245d0fd882f6985541d591693dea2485837b77b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 896
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/740161488/ 2 KB
920 B 53ms
53ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/740161488/?random=1676264328592&cv=11&fst=1676264328592&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tiba=ATFX%20Client%20Portal&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=2091697523.1676264324&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-740161488&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b9fc3902a71c066b58f4470744cb073168f34da05f40bcbc24c0a33bc85858a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 896
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

results.txt Show response
xhkzxjiccn7niy7jyoea-pmtewj-b3b9a218d-clientnsv4-s.akamaihd.net/eum/ Frame EFC4
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pmtewjbob
https://xhkzxjiccn7niy7jyoea-pmtewj-b3b9a218d-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

341ms
8ms

XHR
text/plain

2.19.126.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://xhkzxjiccn7niy7jyoea-pmtewj-b3b9a218d-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2.19.126.212 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-212.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 04:58:49 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://xhkzxjiccn7niy7jyoea-pmtewj-b3b9a218d-clientnsv4-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Mon, 13 Feb 2023 04:58:48 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fibrwiaaa3ybckqce3ydkaaaczr6tq4i-pmtewj-029f0bcbb-clienttons-s.akamaihd.net/eum/ Frame EFC4
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pmtewjbob
https://fibrwiaaa3ybckqce3ydkaaaczr6tq4i-pmtewj-029f0bcbb-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

135ms
7ms

XHR
text/plain

2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fibrwiaaa3ybckqce3ydkaaaczr6tq4i-pmtewj-029f0bcbb-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 04:58:48 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fibrwiaaa3ybckqce3ydkaaaczr6tq4i-pmtewj-029f0bcbb-clienttons-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Mon, 13 Feb 2023 04:58:48 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/725330305/ 42 B
64 B 47ms
46ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/725330305/?random=1676264328566&cv=11&fst=1676260800000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tiba=ATFX%20Client%20Portal&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2371287909&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/725330305/ 42 B
64 B 50ms
49ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/725330305/?random=1676264328566&cv=11&fst=1676260800000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tiba=ATFX%20Client%20Portal&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2371287909&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/740161488/ 42 B
64 B 51ms
47ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/740161488/?random=1676264328592&cv=11&fst=1676260800000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tiba=ATFX%20Client%20Portal&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3037335032&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/740161488/ 42 B
64 B 52ms
48ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/740161488/?random=1676264328592&cv=11&fst=1676260800000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&ref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&tiba=ATFX%20Client%20Portal&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3037335032&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 10ms
9ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=661389801117388&ev=Microdata&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&rl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&if=false&ts=1676264328670&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22ATFX%20Client%20Portal%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.95&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1676264324882.1096907519&it=1676264327070&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 13 Feb 2023 04:58:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 204 /
684dd326.akstat.io/ 0
203 B 37ms
28ms Ping
image/gif 2a02:26f0:3500:592::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd326.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/V2UHH-T34F7-YEC6S-FU52F-HJLLF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:3500:592::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:48 GMT
content-type: image/gif
access-control-allow-origin: https://login-gm.atfx.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Mon, 13 Feb 2023 04:58:48 GMT

GET
H2 200 login.5b7a2b0f.css
login-gm.atfx.com/css/ 12 KB
2 KB 331ms
330ms Stylesheet
text/css 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/css/login.5b7a2b0f.css

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/js/app.3e7d45d7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

a1fd19c0b4c72031989a7fbf09e2b6bf6b7a277404a2359b3c448116d6609f57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:49 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-31f1"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=154, origin; dur=155
accept-ranges: bytes
content-length: 2146
expires: Mon, 13 Feb 2023 04:58:49 GMT

GET
H2 200 login.0f5b796f.js Show response
login-gm.atfx.com/js/ 57 KB
20 KB 276ms
276ms Script
application/javascript 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/login.0f5b796f.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/js/app.3e7d45d7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

52b72c5410917f399dcdb3d827537f9d42650653cc4c7b94463b52c4fac779b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:49 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-e57c"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=MISS, edge; dur=204, origin; dur=3
accept-ranges: bytes
content-length: 20421

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1ba151abd6ddb624f5b4e4fb16ca70e0c8a62ee14ee6cc20faecd204294e44d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a27f8cdfadb27e079737c2dfd65d27f6ff3beb4e6f298e279db7a2c77d28df7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo.8ef051a1.png
login-gm.atfx.com/img/ 13 KB
14 KB 633ms
633ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-gm.atfx.com/img/logo.8ef051a1.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

e4b8de3da086bc3422b20ab60526ec883ca9c82946a66fd7381543a80a03011b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login?lang=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:50 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-3590"
content-type: image/png
cache-control: private, max-age=0
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=457, origin; dur=161
accept-ranges: bytes
content-length: 13712
expires: Mon, 13 Feb 2023 04:58:50 GMT

GET
H2 200 login-backimg.716badf0.png
login-gm.atfx.com/img/ 435 KB
437 KB 643ms
642ms Image
image/png 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-gm.atfx.com/img/login-backimg.716badf0.png

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/css/login.5b7a2b0f.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

4bbf0a19df51ceb44a9cd2941b522d5fbdf541d993a53784b26813056ac9a4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/css/login.5b7a2b0f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:50 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-6cd1e"
content-type: image/png
cache-control: private, max-age=0
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=457, origin; dur=163
accept-ranges: bytes
content-length: 445726
expires: Mon, 13 Feb 2023 04:58:50 GMT

GET
H2 200 Muli-Bold.8c9b662f.woff
login-gm.atfx.com/fonts/ 50 KB
51 KB 330ms
328ms Font
application/font-woff 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/fonts/Muli-Bold.8c9b662f.woff

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/css/app.003f6e36.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

8abb15b350f4961e50cc878fae03a44f5afab6d58d329bf7959edd6a225687e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://login-gm.atfx.com/css/app.003f6e36.css
Origin: https://login-gm.atfx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:50 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-c890"
content-type: application/font-woff
cache-control: private, max-age=0
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=150, origin; dur=160
accept-ranges: bytes
content-length: 51344
expires: Mon, 13 Feb 2023 04:58:50 GMT

GET
H2 200 la-solid-900.36fc2979.woff2
login-gm.atfx.com/fonts/ 94 KB
95 KB 644ms
643ms Font
application/octet-stream 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/fonts/la-solid-900.36fc2979.woff2

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/css/vendors-app.45c3aedd.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://login-gm.atfx.com/css/vendors-app.45c3aedd.css
Origin: https://login-gm.atfx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:50 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-179f0"
content-type: application/octet-stream
cache-control: private, max-age=0
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=460, origin; dur=162
accept-ranges: bytes
content-length: 96752
expires: Mon, 13 Feb 2023 04:58:50 GMT

GET
H2 200 element-icons.woff
login-gm.atfx.com/static/css/theme/fonts/ 6 KB
6 KB 328ms
327ms Font
application/font-woff 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/static/css/theme/fonts/element-icons.woff

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/static/css/theme/index.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

d810d62c27c55c915feaca97af37fac9580073e4c1482b7f1665912d74627ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://login-gm.atfx.com/static/css/theme/index.css
Origin: https://login-gm.atfx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:50 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-1814"
content-type: application/font-woff
cache-control: private, max-age=0
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=154, origin; dur=155
accept-ranges: bytes
content-length: 6164
expires: Mon, 13 Feb 2023 04:58:50 GMT

GET
H2 200 la-regular-400.88d9d941.woff2
login-gm.atfx.com/fonts/ 13 KB
13 KB 631ms
630ms Font
application/octet-stream 2a02:26f0:3500:14::1724:a24b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/fonts/la-regular-400.88d9d941.woff2

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/css/vendors-app.45c3aedd.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:14::1724:a24b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

51ca2c00a3e30945e52227147fed9e296dde03af3c4d7589e8e95ca5740037db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://login-gm.atfx.com/css/vendors-app.45c3aedd.css
Origin: https://login-gm.atfx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:58:50 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Fri, 10 Feb 2023 02:40:18 GMT
server: istio-envoy
etag: "63e5ae92-3264"
content-type: application/octet-stream
cache-control: private, max-age=0
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=457, origin; dur=155
accept-ranges: bytes
content-length: 12900
expires: Mon, 13 Feb 2023 04:58:50 GMT

GET
H2 200 s98397775233121
atfx.sc.omtrdc.net/b/ss/atsolution-prd/1/JS-2.23.0-LCXS/ 43 B
345 B 78ms
17ms Image
image/gif 13.37.25.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://atfx.sc.omtrdc.net/b/ss/atsolution-prd/1/JS-2.23.0-LCXS/s98397775233121?AQB=1&ndh=1&pf=1&t=13%2F1%2F2023%204%3A58%3A49%201%200&mid=42964805918672487922819818887950225991&aamlh=6&ce=UTF-8&pageName=%2Flogin&g=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&r=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&c.&apl=4.0&.c&cc=USD&server=login-gm.atfx.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v3=login&c6=production&c8=atfx%202.0&c9=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&v11=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&v12=en&v20=gm&v33=atfx%202.0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=F64735DD5CF122370A495FCD%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.37.25.97 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 14 Feb 2023 04:58:49 GMT
server: jag
etag: 3599750237429563392-4619666534883238551
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 04:58:49 GMT

OPTIONS
H2 200 get-live-chat-config
prod.api.recur-omni.io/live-chat-model/ Frame 0
0 802ms
219ms Preflight
application/json 46.137.244.140

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.api.recur-omni.io/live-chat-model/get-live-chat-config
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.137.244.140 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client-session
Access-Control-Request-Method: POST
Origin: https://login-gm.atfx.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Client-Session, Authorization, Content-Type
access-control-allow-methods: OPTIONS,POST,GET
access-control-allow-origin: https://login-gm.atfx.com
content-length: 0
content-type: application/json
date: Mon, 13 Feb 2023 04:58:52 GMT
x-amz-apigw-id: AQt9-FAYyQ0FRlA=
x-amzn-requestid: 0bb370a9-fbb9-4153-9732-11f6f7d20138
x-amzn-trace-id: Root=1-63e9c38c-08eeb49d43bfee83588cd948;Sampled=0

POST
H2 200 get-live-chat-config Show response
prod.api.recur-omni.io/live-chat-model/ 4 KB
5 KB 745ms
322ms XHR
application/json 46.137.244.140

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.api.recur-omni.io/live-chat-model/get-live-chat-config
Requested by: Host: master.d10i7a7v1hjb2v.amplifyapp.com
URL: https://master.d10i7a7v1hjb2v.amplifyapp.com/recur-livechat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.137.244.140 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f65fdf7e972cfce2441bff30eedb5fab7f8d6a6c6d70cf8c8857ccfa3332e6d

Request headers

Accept: */*
Client-Session: lXTZKqXwLP9CWhJtLqQcbSrHXPrhT35Dm0bRGWc0n4LxXcEVAY1enrOhjmcSoMEW_iYtd7FBtYkBURBiF4z59rl4ViAHWvQMp9IZL3R2jH7Zux4ND9KIN8XGYw89WOw0x
Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 13 Feb 2023 04:58:53 GMT
x-amzn-requestid: 257c5aee-b53d-42b9-a6f6-c46ce302ba1b
x-amzn-trace-id: Root=1-63e9c38d-06bbe6a85980cf996ffe0cbf;Sampled=0
access-control-allow-methods: OPTIONS,POST,GET
content-type: application/json
access-control-allow-origin: https://login-gm.atfx.com
access-control-allow-credentials: true
x-amz-apigw-id: AQt-FEnYyQ0Fb9g=
content-length: 4421
access-control-allow-headers: Client-Session, Authorization, Content-Type

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 19ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6Y793BN4BT&gtm=45je3280&_p=2720256&cid=804768484.1676264324&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1676264324&sct=1&seg=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&dr=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&dt=ATFX%20Client%20Portal&_s=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Y793BN4BT&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 18ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RB6RNN86NX&gtm=45je3280&_p=2720256&cid=804768484.1676264324&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1676264324&sct=1&seg=0&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&dr=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&dt=ATFX%20Client%20Portal&_s=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-RB6RNN86NX&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 04:58:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: login-gm.atfx.com
URL: https://login-gm.atfx.com/static/css/theme/index.css

Domain: login-gm.atfx.com
URL: https://login-gm.atfx.com/static/css/theme/index.css

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6Y793BN4BT&gtm=45je3280&_p=1215886925&cid=804768484.1676264324&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1676264324&sct=1&seg=0&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&dt=ATFX%20Client%20Portal&en=scroll&epn.percent_scrolled=90&_et=3

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6Y793BN4BT&gtm=45je3280&_p=1215886925&gdid=dZTQ1Zm&cid=804768484.1676264324&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1676264324&sct=1&seg=0&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&dt=ATFX%20Client%20Portal&en=user_engagement&_et=2196

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RB6RNN86NX&gtm=45je3280&_p=1215886925&cid=804768484.1676264324&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1676264324&sct=1&seg=0&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&dt=ATFX%20Client%20Portal&en=scroll&epn.percent_scrolled=90&_et=10

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RB6RNN86NX&gtm=45je3280&_p=1215886925&gdid=dZTQ1Zm&cid=804768484.1676264324&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1676264324&sct=1&seg=0&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den&dt=ATFX%20Client%20Portal&en=user_engagement&_et=2027

Domain: bat.bing.com
URL: https://bat.bing.com/actionp/0?ti=56384898&tm=gtm002&Ver=2&mid=1d67081c-e9ea-4fa4-8aa1-cb379193f857&sid=187f9240ab5b11edb955fd4511aeb241&vid=187fbea0ab5b11ed84f40b8cdbef4dae&vids=1&msclkid=N&evt=pageHide

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.gif?hca=76E7C3721C6F5485&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=1083%2C1083&et=3&ja=0&ln=en-us&lo=0&rnd=139627197&si=f6a7ea91aaa56510db1faa27ec9e41c1&v=1.3.0&lv=1&sn=10095&r=0&ww=1600&u=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.gif?hca=967D1A95555B4589&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=791%2C790&et=3&ja=0&ln=en-us&lo=0&rnd=714034964&si=61ac16100c228c043039c8a2ba9e8829&v=1.3.0&lv=1&sn=10096&r=0&ww=1600&u=https%3A%2F%2Flogin-gm.atfx.com%2Flogin%3Flang%3Den

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-20 13:56:56	Name: demdex Value: 36901671544828242333437429018048927478
.atfx.com/	1969-12-31 23:59:59	Name: AMCVS_F64735DD5CF122370A495FCD%40AdobeOrg Value: 1
.atfx.com/	1970-01-20 11:47:20	Name: _gcl_au Value: 1.1.2091697523.1676264324
.everesttech.net/	1970-01-20 18:23:20	Name: everest_g_v2 Value: g_surferid~Y_nDhAAAAEnEVQOV
.dpm.demdex.net/	1970-01-20 13:56:56	Name: dpm Value: 36901671544828242333437429018048927478
.atfx.com/	1970-01-20 19:13:44	Name: AMCV_F64735DD5CF122370A495FCD%40AdobeOrg Value: 179643557%7CMCIDTS%7C19402%7CMCMID%7C42964805918672487922819818887950225991%7CMCAAMLH-1676869124%7C6%7CMCAAMB-1676869124%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1676271524s%7CNONE%7CMCSYNCSOP%7C411-19409%7CvVersion%7C5.5.0
login-gm.atfx.com/	1970-01-20 09:39:10	Name: ln_or Value: eyIzNjkwMTk2IjoiZCJ9
.atfx.com/	1970-01-20 09:39:10	Name: _gid Value: GA1.2.2083993560.1676264324
.atfx.com/	1970-01-20 09:37:44	Name: _dc_gtm_UA-152401985-1 Value: 1
.t.co/	1970-01-20 19:13:44	Name: muc_ads Value: 245edc83-d257-4468-80fe-460de6a867c9
.twitter.com/	1970-01-20 19:13:44	Name: personalization_id Value: "v1_6Py313qQk4ssQYk9IUgJfg=="
.linkedin.com/	1970-01-20 10:20:56	Name: UserMatchHistory Value: AQLF-vD0U6jacQAAAYZJI71jxY5I1mvkLQSv_Orjoe-xH3LAchIUTjybBeCYQrCg6HO9fxqseO9I9g
.linkedin.com/	1970-01-20 10:20:56	Name: AnalyticsSyncHistory Value: AQISxiEDOxUnwAAAAYZJI71jIjz5kXzjYK0EUIpxiRBIgYHTpxOwYY05qwA2CFv2-eJiKJ0UJ6hZxuaH2CfXdA
.linkedin.com/	1970-01-20 18:23:20	Name: bcookie Value: "v=2&d3fa4206-9df0-4539-8f52-48e1707f07f9"
.linkedin.com/	1970-01-20 09:39:10	Name: lidc Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2674:u=1:x=1:i=1676264324:t=1676350724:v=2:sig=AQHQ4FfOYXr4ZViVCgY_vVNGoIttPx3F"
.tiktok.com/	1970-01-20 18:59:20	Name: _ttp Value: 2LfZv9S9xAbdJ7xZ5Jxej9gti3H
.doubleclick.net/	1970-01-20 18:59:20	Name: IDE Value: AHWqTUl1kiq8oYZDaCIShuMwwF4VHlbU4rsz1clS0I1MJXbDl-B8jg9stmUKpWbCSks
.casalemedia.com/	1970-01-20 18:23:20	Name: CMID Value: Y.nDhIfFQiSipP1YXRr1.wAA
.casalemedia.com/	1970-01-20 11:47:20	Name: CMPS Value: 2204
.casalemedia.com/	1970-01-20 11:47:20	Name: CMPRO Value: 2204
.atfx.com/	1970-01-20 18:59:20	Name: _tt_enable_cookie Value: 1
.www.linkedin.com/	1970-01-20 18:23:20	Name: bscookie Value: "v=1&20230213045844f3c14d9c-614d-4d65-8fde-d4a1a99088bdAQFCD7IuTIrlr0aAfdD0DpBnP0tbI3A9"
.linkedin.com/	1970-01-20 13:56:56	Name: li_gc Value: MTswOzE2NzYyNjQzMjQ7MjswMjFCXgvm+o3w4l5ERbFY8evcAQEAxQqT7TIKUlkymcQLJA==
.atfx.com/	1970-01-20 18:59:20	Name: _ttp Value: niKUy1t9mUMHM1wyqxppXqpi-PG
.adnxs.com/	1970-01-20 11:47:20	Name: uuid2 Value: 6564704274272846624
.adnxs.com/	1970-01-20 11:47:20	Name: anj Value: dTM7k!M4.FErk#WF']wIg2HbXKEaPe!1yIE`_bm.dc%TM/sPwipIAi3#Or%UDAjHi!aRkdpLie9#BI7y)JEhfBoQA90L'_RwC[rE:Oy21P)j.gX`fkS
.atfx.com/	1970-01-20 11:47:20	Name: _fbp Value: fb.1.1676264324882.1096907519
.pubmatic.com/	1970-01-20 11:47:20	Name: KRTBCOOKIE_218 Value: 4056-Y_nDhAAAAEnEVQOV&KRTB&22978-Y_nDhAAAAEnEVQOV&KRTB&23194-Y_nDhAAAAEnEVQOV&KRTB&23209-Y_nDhAAAAEnEVQOV
.pubmatic.com/	1970-01-20 10:20:56	Name: PugT Value: 1676264324
.spotxchange.com/	1970-01-20 10:18:03	Name: audience Value: 17f83e08-ab5b-11ed-9028-1bce7de30506
.demdex.net/	1970-01-20 13:56:56	Name: dextp Value: 144230-1-1676264324364\|144231-1-1676264324465\|144232-1-1676264324603\|144233-1-1676264324703\|144234-1-1676264324804\|144235-1-1676264324905\|144236-1-1676264325005\|144237-1-1676264325115
my.rtmark.net/	1970-01-20 18:23:20	Name: ID Value: bb0c47b702f34478ac5a3eb0c321314d
.hm.baidu.com/	1970-01-20 19:13:44	Name: HMACCOUNT_BFESS Value: 76E7C3721C6F5485
.atfx.com/	1970-01-20 18:23:20	Name: Hm_lvt_f6a7ea91aaa56510db1faa27ec9e41c1 Value: 1676264325
.login-gm.atfx.com/	1970-01-20 18:23:20	Name: Hm_lvt_61ac16100c228c043039c8a2ba9e8829 Value: 1676264326
.bing.com/	1970-01-20 18:59:20	Name: MUID Value: 36345ECD846D63A5259D4C7A85066225
.atfx.com/	1970-01-20 13:56:56	Name: __hstc Value: 195689843.4feac193c1dedc13f1601ea20f7473c1.1676264326111.1676264326111.1676264326111.1
.atfx.com/	1970-01-20 13:56:56	Name: hubspotutk Value: 4feac193c1dedc13f1601ea20f7473c1
.atfx.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.hubspot.com/	1970-01-20 09:37:46	Name: __cf_bm Value: tYawEVGaNTCqbXS3kBqxMPw0CSlzwBDVglcw85TQcfA-1676264326-0-AXmTVK9yFolJxA/BZsPMmKuNjzTPveSgxZCfe90UdDN+JZLR38ro2700izH7T9E3v8CKEP4xk1ss6xerUpgTuIM=
.atfx.com/	1970-01-20 09:47:49	Name: RT Value: "z=1&dm=atfx.com&si=addaa50wibc&ss=le2chy3x&sl=0&tt=0"
.atfx.com/	1970-01-20 19:13:44	Name: _ga_6Y793BN4BT Value: GS1.1.1676264324.1.1.1676264327.57.0.0
.login-gm.atfx.com/	1969-12-31 23:59:59	Name: Hm_lpvt_61ac16100c228c043039c8a2ba9e8829 Value: 1676264327
.atfx.com/	1970-01-20 19:13:44	Name: _ga_RB6RNN86NX Value: GS1.1.1676264324.1.0.1676264327.57.0.0
.atfx.com/	1969-12-31 23:59:59	Name: Hm_lpvt_f6a7ea91aaa56510db1faa27ec9e41c1 Value: 1676264328
.atfx.com/	1970-01-20 19:13:44	Name: _ga Value: GA1.2.804768484.1676264324
.atfx.com/	1970-01-20 09:39:10	Name: _uetsid Value: 187f9240ab5b11edb955fd4511aeb241
.atfx.com/	1970-01-20 18:59:20	Name: _uetvid Value: 187fbea0ab5b11ed84f40b8cdbef4dae
.atfx.com/	1970-01-20 09:37:46	Name: __hssc Value: 195689843.2.1676264326112
.atfx.com/	1969-12-31 23:59:59	Name: s_cc Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10352767.fls.doubleclick.net
684dd326.akstat.io
adservice.google.com
analytics.tiktok.com
analytics.twitter.com
api.hubapi.com
assets.adobedtm.com
at-client-portal-api.atfx.com
atfx.sc.omtrdc.net
atsolution.demdex.net
bat.bing.com
c.go-mpulse.net
cdn.linkedin.oribi.io
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
dpm.demdex.net
dsum-sec.casalemedia.com
fibrwiaaa3ybckqce3ydkaaaczr6tq4i-pmtewj-029f0bcbb-clienttons-s.akamaihd.net
forms.hubspot.com
googleads.g.doubleclick.net
hm.baidu.com
ib.adnxs.com
image2.pubmatic.com
ipapi.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsleadflows.net
login-gm.atfx.com
master.d10i7a7v1hjb2v.amplifyapp.com
my.rtmark.net
pixel.rubiconproject.com
prod.api.recur-omni.io
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s.adroll.com
s.go-mpulse.net
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
t.co
track.hubspot.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
unpkg.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
xhkzxjiccn7niy7jyoea-pmtewj-b3b9a218d-clientnsv4-s.akamaihd.net
bat.bing.com
hm.baidu.com
login-gm.atfx.com
region1.analytics.google.com
103.235.46.191
104.244.42.3
104.244.42.69
13.107.42.14
13.37.25.97
139.45.195.8
142.251.39.34
142.251.39.6
146.75.120.157
151.101.66.49
185.64.189.110
185.80.39.216
185.94.180.125
2.19.126.212
2001:4860:4802:34::36
2600:9000:20eb:9200:6:9280:1080:93a1
2600:9000:20eb:ac00:2:53b2:240:93a1
2606:4700:20::681a:82c
2606:4700:4400::ac40:9a55
2606:4700::6810:7baf
2606:4700::6811:43b0
2606:4700::6811:71b0
2606:4700::6811:c9cc
2606:4700::6811:d3cc
2606:4700::6811:e8cc
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:803::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:829::2003
2a00:1450:400c:c06::9a
2a00:1450:400d:803::200e
2a00:1450:400d:80e::2008
2a02:26f0:11a::6867:4832
2a02:26f0:3500:14::1724:a24b
2a02:26f0:3500:14::1724:a258
2a02:26f0:3500:16::215:149b
2a02:26f0:3500:591::1e80
2a02:26f0:3500:592::11a6
2a02:26f0:dc:394::11a6
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:cc3:fe04:6457:e8bb:899e:1869
34.240.171.169
34.98.64.218
37.252.171.52
46.137.244.140
52.213.167.16
54.229.62.148
65.9.86.77
69.173.144.165
95.101.75.139
00506355293ef477b899ed0e5fb6cc123e944de4e696d66a4a1e9eeeac550778
00bb32d0a96534e8cedfc21e92028ce13af2548d0737f84ef554c63b9ecee2a3
011204246d4138ec264b9b91d50a4bd5c9245a3e590244f6a095f34092f0f98c
014bdc7b05fd8dd839b68b41d4e15d9aa77af1c993bdc225aa7532534f30b010
0b7a11c4d34830d32ee191d8cd4b01a886a59e4fa9065f0ef61bcbc5f42e5ea9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f65fdf7e972cfce2441bff30eedb5fab7f8d6a6c6d70cf8c8857ccfa3332e6d
10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb
10ab237d847c442817c877542e4db7ee1be867bba46b692ef9832204fcad62ac
185daa7db5564bb45449147b73a658b4ec0d9445abffa9426d308cf5aad24300
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
1fa2f27d40e61b6b580c05e34d446093c5dd809d7803c4ef68ef05524e23ec3f
20580f9af5de5e2264d9fb10273224b492d5d22b140a1523ba3912ac1e9ab88a
2241befde505261fb3e0d7201027d0b04c2b558a90a0a67f84ff43dba1f396f2
33bb10b2a2803b023a57ac6d15e45a80964132dbaf34c57438cedc470aa9801c
3d6dab45188c197848c3b441ed71c5ac6e2bbf27a4f9017b6df2378a9ddee93e
408793d10a1af43527efc25cfe98375f0b04303d5a39d2773ba1fae49ed7e2e6
42c4d428434e2e53d5555510c8fc33f148d5d03e2e24271ca372bcfbc0ea4237
4b079f20bf643e89698b5c390b3b533f9782d55142e6109a1cab67d86869499e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bbf0a19df51ceb44a9cd2941b522d5fbdf541d993a53784b26813056ac9a4a5
4bf185d2b8a00d67d9d199c7e089d13bddea38e14030a68cca4e3699039a78d9
4da153d559e3302f16b980dcb245d0fd882f6985541d591693dea2485837b77b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50f0ed11d40805b9e2980d4831f74838b68ead238243324ba9d64e8e45f586b5
51ca2c00a3e30945e52227147fed9e296dde03af3c4d7589e8e95ca5740037db
52b72c5410917f399dcdb3d827537f9d42650653cc4c7b94463b52c4fac779b8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55146e4beb0d1e16fe104092ed8cb7bc92aa167b2d1227cfca6316b0636ef7df
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a27f8cdfadb27e079737c2dfd65d27f6ff3beb4e6f298e279db7a2c77d28df7
5b9fc3902a71c066b58f4470744cb073168f34da05f40bcbc24c0a33bc85858a
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72618a0aeea718799117d66290446e824bce3b017c34de88c43a28cff87ee9af
73d390d4a7b9b8b5d1fd8efee66f3cd6487282b44322af02e933ad1bdb5eadaf
7885e9126e482314497c6e3a9ccc7eef92d56d74450dbed2767930d815b36455
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7ab4d04982b744dc84f89ab7c7afbaf67295e27e21f3d005fa2a93a065dc0602
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7bb786a7875b7ba84efb7dcf5e58fa5ac6d834849b9ac31452f0147648eb8448
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d7643dd6043bcdde15382b1e39d8720150395f412e8b2e7b5e44e204ffa3cec
7e36c32717961275712554db490cedad822e089503776b7ec25186c764cd11f7
7e6015c5b1c0cdd5b74eec8cb4b887b710346f07d1ba995e9df40b9c7a9b4115
7ef2931d3bd802be9e67e6789c378b234b82f61dfabf7dd7dfa62687cde9c6ac
7f971e22dd2984c774ea879f43b7b176c664e8a8fdc0136ae2a82a9114586468
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
873470d56849b263e38c96bf51b0b884c98d959387de7f9e0134a79cfbb3e7fb
8abb15b350f4961e50cc878fae03a44f5afab6d58d329bf7959edd6a225687e2
9203e6b819c805a5808f645ca836302e1d74a20f5f2eade869fc54b29a663ffa
93b30254735f4e6ae034272443ff1b987974046a67bcdf5e72a52d6ffdd1a7df
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
961838f9cc404b52bd0c79f020de8bb5546e238acf8ce24ff7ad3dba54afdf39
99e9866bb713a4194b11734cf3a728872a90b22d2a68d8f2d16abf9fe65b82d4
9d691907d6c322fc9f83897c6158f134c63b58304420e22769b72fc7558d3d2c
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a1fd19c0b4c72031989a7fbf09e2b6bf6b7a277404a2359b3c448116d6609f57
a5a107b924ba9dd5b041f5a96e1b996ed9cecdfbceffea0b702872cc6b0cd121
a651f03b0281c935cf58f6b7ec1b9dcb37c0b73a28f37a281a75022575b3b301
a95b8dd024ef75bd712754922bea85f15851105b8a398330cdfb92039d212f58
ab8d6fa3589d2aaf852aaff25ef9ba685ee97708b5e9b38968bb29b936da48b7
ab981ad98686bc1d82baaa46c29012dbdb9dba596afa6f9a43838953aec00efb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b05da04ed5778632c6f9a861a1bc26b0d536d5e63aece0b547abeed977a24c5e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ba151abd6ddb624f5b4e4fb16ca70e0c8a62ee14ee6cc20faecd204294e44d
b4b36f862fae672a6d926130bebeb95c5cedc5eab58e9ebb7d940a6e5014d9d5
bd58c023a72f342f6037bf474a033cbb969fa7205abee7677150d6ec2173b69e
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c97ac62300ca518092eff2cb8c98e589c3b9fb3cd76d6f4201e1e938b122feb9
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d49b7c1a3e5c9b18115710fcb415031aef60a04661cb1e47e2a48cef608b53c6
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d810d62c27c55c915feaca97af37fac9580073e4c1482b7f1665912d74627ac1
d8580a2fbc6fd976e4471b165165640d0f94b7d156e365a3a245189dcd411c30
d85acbee4e5e00d6a721a753cb3491f13f47b35c93cc4abfbf66b09a755345a7
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b8de3da086bc3422b20ab60526ec883ca9c82946a66fd7381543a80a03011b
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8eeb21a517805c2a70a4c9f542c4fae3a46ade3a1ecb7fafa1862f5b63197f4
ee637adf34929d2c168d8142d7340fd1a6c5ab880c113fedfa83ae9ac24fcd69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e329624a41e2cd7ef13d83dedde07666fb2c3741a6e925ca18219d3991a2ba
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f5c0bc154ef72cd3195f9435f64a82bcc65d8eb2d4c9fd8eeecd8d02a94f3bcd
f7455fff3d4e08245186e113636f69cbc44679bdf8870de5e4fd9a835e3d2e93
fa85956f083369c2cf8d7fdba0260d79a0a2a35830968af43bcf822ad2baa01b
fabc5a49269ec5c2dc576471f74f5b0f5c935017e8080f88a9e70524181c6c3c
faed0a48e33f3dd5974fa6cf42f6a89e090e16af4e38d7b4e633038b5a79abf4
fd43cd92e272c2e3872abd9559900116d85f2899e76c00015c59360060bcf062

login-gm.atfx.com Open in urlscan Pro 2a02:26f0:3500:14::1724:a24b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

249 Requests

90 %HTTPS

58 %IPv6

43 Domains

59 Subdomains

53 IPs

10 Countries

6406 kBTransfer

22189 kBSize

50 Cookies

2 Outgoing links

Page URL History

Redirected requests

249 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login-gm.atfx.com Open in urlscan Pro
2a02:26f0:3500:14::1724:a24b Public Scan

Screenshot
Live screenshot

Full Image

249
Requests

90 %
HTTPS

58 %
IPv6

43
Domains

59
Subdomains

53
IPs

10
Countries

6406 kB
Transfer

22189 kB
Size

50
Cookies

249 HTTP transactions
2 data transactions