Submitted URL: https://oxsecurities.mycellphoneisanatm.com/
Effective URL: https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On October 30 via api from IT — Scanned from IT

Summary

This website contacted 11 IPs in 5 countries across 8 domains to perform 41 HTTP transactions. The main IP is 172.67.12.69, located in United States and belongs to CLOUDFLARENET, US. The main domain is clientportal.oxsecurities.com.
TLS certificate: Issued by WE1 on October 5th 2024. Valid for: 3 months.
This is the only time clientportal.oxsecurities.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 192.254.231.86 46606 (UNIFIEDLA...)
21 172.67.12.69 13335 (CLOUDFLAR...)
2 2a04:4e42:600... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
3 151.101.65.44 54113 (FASTLY)
2 2001:4860:480... 15169 (GOOGLE)
2 151.101.129.44 54113 (FASTLY)
4 141.226.228.48 200478 (TABOOLA-AS)
1 104.18.27.46 13335 (CLOUDFLAR...)
3 2600:9000:26d... 16509 (AMAZON-02)
1 2a05:d018:cc3... 16509 (AMAZON-02)
41 11
Apex Domain
Subdomains
Transfer
21 oxsecurities.com
clientportal.oxsecurities.com
api-crm.oxsecurities.com
3 MB
9 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 862
psb.taboola.com — Cisco Umbrella Rank: 5951
trc.taboola.com — Cisco Umbrella Rank: 686
trc-events.taboola.com — Cisco Umbrella Rank: 2720
25 KB
4 adroll.com
s.adroll.com — Cisco Umbrella Rank: 3395
d.adroll.com — Cisco Umbrella Rank: 1624
121 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
193 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
17 KB
1 walletconnect.com
verify.walletconnect.com — Cisco Umbrella Rank: 64643
1 mycellphoneisanatm.com
oxsecurities.mycellphoneisanatm.com
427 B
41 8
Domain Requested by
18 clientportal.oxsecurities.com clientportal.oxsecurities.com
4 trc-events.taboola.com cdn.taboola.com
3 s.adroll.com clientportal.oxsecurities.com
s.adroll.com
3 trc.taboola.com cdn.taboola.com
3 api-crm.oxsecurities.com clientportal.oxsecurities.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com clientportal.oxsecurities.com
www.googletagmanager.com
2 cdn.jsdelivr.net clientportal.oxsecurities.com
1 d.adroll.com s.adroll.com
1 verify.walletconnect.com clientportal.oxsecurities.com
1 psb.taboola.com cdn.taboola.com
1 cdn.taboola.com www.googletagmanager.com
1 oxsecurities.mycellphoneisanatm.com 1 redirects
41 13

This site contains no links.

Subject Issuer Validity Valid
oxsecurities.com
WE1
2024-10-05 -
2025-01-03
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
*.google-analytics.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-30 -
2024-12-31
5 months crt.sh
walletconnect.com
WE1
2024-10-23 -
2025-01-21
3 months crt.sh
s.adroll.com
Amazon RSA 2048 M02
2024-05-03 -
2025-06-01
a year crt.sh
d.adroll.com
Amazon RSA 2048 M02
2024-09-09 -
2025-10-09
a year crt.sh

This page contains 2 frames:

Primary Page: https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik
Frame ID: 1123E332EE88AF434D06C5F232246E28
Requests: 40 HTTP requests in this frame

Frame: https://verify.walletconnect.com/d63d0ee28867404e3d48ff0a7b72f0a0
Frame ID: F0A43D5171453C54ED43FC91A704EE4B
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

OX Securities | OX Securities

Page URL History Show full URLs

  1. https://oxsecurities.mycellphoneisanatm.com/ HTTP 301
    https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

41
Requests

100 %
HTTPS

45 %
IPv6

8
Domains

13
Subdomains

11
IPs

5
Countries

3587 kB
Transfer

10743 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://oxsecurities.mycellphoneisanatm.com/ HTTP 301
    https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request sign-up
clientportal.oxsecurities.com/auth/
Redirect Chain
  • https://oxsecurities.mycellphoneisanatm.com/
  • https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik
870 B
1 KB
Document
General
Full URL
https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.12.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b9242118603f9ba214f034ab33675ee3112a72915e6c674a00e4ffe6d2faf5c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8da80df05e0a525a-MXP
content-encoding
br
content-type
text/html
date
Wed, 30 Oct 2024 02:42:52 GMT
last-modified
Mon, 28 Oct 2024 23:32:27 GMT
server
cloudflare
vary
accept-encoding

Redirect headers

content-length
284
content-type
text/html; charset=iso-8859-1
date
Wed, 30 Oct 2024 02:42:51 GMT
location
https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik
server
Apache
swig.min.js
clientportal.oxsecurities.com/
46 KB
16 KB
Script
General
Full URL
https://clientportal.oxsecurities.com/swig.min.js
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.12.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e040a5088f42ad7c625391e87342772a4af9e43a60e790c3dfb4f8f88dcd4045

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

content-encoding
br
cf-cache-status
BYPASS
etag
W/"67201f0b-b628"
cf-ray
8da80df5c91a525a-MXP
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 02:42:53 GMT
content-type
application/javascript
last-modified
Mon, 28 Oct 2024 23:32:27 GMT
vary
Accept-Encoding
server
cloudflare
tronweb.js
clientportal.oxsecurities.com/
1 MB
239 KB
Script
General
Full URL
https://clientportal.oxsecurities.com/tronweb.js
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.12.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
415e9511777e6654363ccbbcefd5d0588f8e125851b214782972fe189e86a47d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

content-encoding
br
cf-cache-status
BYPASS
etag
W/"67201f0b-106741"
cf-ray
8da80df5c91b525a-MXP
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 02:42:54 GMT
content-type
application/javascript
last-modified
Mon, 28 Oct 2024 23:32:27 GMT
vary
Accept-Encoding
server
cloudflare
buffer.min.js
cdn.jsdelivr.net/npm/@otplib/preset-browser@12.0.0/
43 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@otplib/preset-browser@12.0.0/buffer.min.js
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
52117aa4910a8feebd4a9b25109bbd58a18bd31375136eb704a13802309cfb0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"ad21-C36ZbJ1Hon7txsC3Q8ezk+qmwLc"
age
501752
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 30 Oct 2024 02:42:52 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230097-FRA, cache-mxp6964-MXP
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
7726
x-jsd-version
12.0.0
index.min.js
cdn.jsdelivr.net/npm/@otplib/preset-browser@12.0.0/
31 KB
9 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@otplib/preset-browser@12.0.0/index.min.js
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
04c90225a98736467a6353aa558fcaef38b8310aa78664526ff212b92d4edfec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"7a72-1ZwGs2hyQqvdMwJdGrrPZL9UFgk"
age
1247856
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 30 Oct 2024 02:42:52 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230095-FRA, cache-mxp6964-MXP
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
9178
x-jsd-version
12.0.0
main.b6141fe0.js
clientportal.oxsecurities.com/static/js/
7 MB
2 MB
Script
General
Full URL
https://clientportal.oxsecurities.com/static/js/main.b6141fe0.js
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.12.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eb1ff59b1106b324772c3132b77e462bbe1f995c4773fa41a9e096ffeaa19df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

content-encoding
br
cf-cache-status
BYPASS
etag
W/"67201f0b-6c58bb"
cf-ray
8da80dfe7dd9525a-MXP
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 02:42:56 GMT
content-type
application/javascript
last-modified
Mon, 28 Oct 2024 23:32:27 GMT
vary
Accept-Encoding
server
cloudflare
main.fd5b754f.css
clientportal.oxsecurities.com/static/css/
37 KB
7 KB
Stylesheet
General
Full URL
https://clientportal.oxsecurities.com/static/css/main.fd5b754f.css
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.12.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43352a4300e59f37aa1ef224d4e03c45f29b6998de3d510d394327392864b993

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

content-encoding
br
cf-cache-status
BYPASS
etag
W/"67201f0b-93f1"
cf-ray
8da80df5c91c525a-MXP
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 02:42:53 GMT
content-type
text/css
last-modified
Mon, 28 Oct 2024 23:32:27 GMT
vary
Accept-Encoding
server
cloudflare
1884.cae9a0b2.chunk.js
clientportal.oxsecurities.com/static/js/
276 KB
73 KB
Script
General
Full URL
https://clientportal.oxsecurities.com/static/js/1884.cae9a0b2.chunk.js
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/static/js/main.b6141fe0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.12.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e770757f9611533a2175d521c4c5f197655976e3b135678d12cbb924c319c74e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

content-encoding
br
cf-cache-status
BYPASS
etag
W/"67201f0b-450b5"
cf-ray
8da80e16e9af525a-MXP
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 02:42:59 GMT
content-type
application/javascript
last-modified
Mon, 28 Oct 2024 23:32:27 GMT
vary
Accept-Encoding
server
cloudflare
1572.000dddfb.chunk.js
clientportal.oxsecurities.com/static/js/
8 KB
4 KB
Script
General
Full URL
https://clientportal.oxsecurities.com/static/js/1572.000dddfb.chunk.js
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/static/js/main.b6141fe0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.12.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7b0ee10d3218afffd363a36f91ffc3a5edeb0595bb74db3d7f503f29a1cde85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

content-encoding
br
cf-cache-status
BYPASS
etag
W/"67201f0b-21ba"
cf-ray
8da80e179a31525a-MXP
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 02:42:58 GMT
content-type
application/javascript
last-modified
Mon, 28 Oct 2024 23:32:27 GMT
vary
Accept-Encoding
server
cloudflare
gtm.js
www.googletagmanager.com/
235 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M2BRH7W9
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/static/js/main.b6141fe0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
11dfcc64987b1a72555f4c0879be01ed9dfe110f7ff9cd819a6399d2138b73a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 30 Oct 2024 02:42:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 02:42:57 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 00:21:23 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
84966
x-xss-protection
0
server
Google Tag Manager
ox_dp_new.dad06b1db5050499a7a6.png
clientportal.oxsecurities.com/static/media/
48 KB
49 KB
Image
General
Full URL
https://clientportal.oxsecurities.com/static/media/ox_dp_new.dad06b1db5050499a7a6.png
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.12.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d62bd72c41d77903b61e8bcf39c75d4e999c8a95bf3fb115e991b8873bcbc86

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

cf-cache-status
BYPASS
etag
"67201f0b-be97"
cf-ray
8da80e17ba43525a-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
48791
date
Wed, 30 Oct 2024 02:42:59 GMT
content-type
image/png
last-modified
Mon, 28 Oct 2024 23:32:27 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0368f33db1cc70ef5eee2a5de99571b65d394d8964f4824ce3919d45998775c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

Content-Type
image/svg+xml
truncated
/
602 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c593f52da3c5354cdc2012b87a240ae8e350fb6b18ec97a88ff999d7297796d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

Content-Type
image/svg+xml
truncated
/
878 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
510e02763ec627824da84ca0dd1311d8bbd8f5f2a912f754726e6f635a5cc9f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

Content-Type
image/svg+xml
basic-info
api-crm.oxsecurities.com/api/client/auth/v1/
855 B
1 KB
XHR
General
Full URL
https://api-crm.oxsecurities.com/api/client/auth/v1/basic-info
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/static/js/main.b6141fe0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.12.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd6420f1f398a6424e14424c1a21869e222df6c21ad73314739b02114786a620

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"357-9Z5il8OtHLy5qokgMyFHUpEOkWI"
cf-ray
8da80e182c74bb1d-MXP
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 02:42:58 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare
inter-latin-600-normal.8f1e0300e8d26fa8919d.woff2
clientportal.oxsecurities.com/static/media/
17 KB
18 KB
Font
General
Full URL
https://clientportal.oxsecurities.com/static/media/inter-latin-600-normal.8f1e0300e8d26fa8919d.woff2
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/static/css/main.fd5b754f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.12.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
048d136d592e66896cccc1fe4fada4feb16b7f6af671cd49a2fe6ed6b2276c6c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://clientportal.oxsecurities.com
Referer
https://clientportal.oxsecurities.com/static/css/main.fd5b754f.css

Response headers

cf-cache-status
BYPASS
etag
"67201f0b-44fc"
cf-ray
8da80e17ea55525a-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
17660
date
Wed, 30 Oct 2024 02:42:59 GMT
content-type
application/octet-stream
last-modified
Mon, 28 Oct 2024 23:32:27 GMT
vary
Accept-Encoding
server
cloudflare
inter-latin-400-normal.be7cb18dc7caf47cf7e9.woff2
clientportal.oxsecurities.com/static/media/
16 KB
17 KB
Font
General
Full URL
https://clientportal.oxsecurities.com/static/media/inter-latin-400-normal.be7cb18dc7caf47cf7e9.woff2
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/static/css/main.fd5b754f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.12.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://clientportal.oxsecurities.com
Referer
https://clientportal.oxsecurities.com/static/css/main.fd5b754f.css

Response headers

cf-cache-status
BYPASS
etag
"67201f0b-4144"
cf-ray
8da80e17ea57525a-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
16708
date
Wed, 30 Oct 2024 02:42:59 GMT
content-type
application/octet-stream
last-modified
Mon, 28 Oct 2024 23:32:27 GMT
vary
Accept-Encoding
server
cloudflare
TrustpilotMicroWhite.5fe0a3b4c8e74e63d1fc0aaa2cd0d6d7.svg
clientportal.oxsecurities.com/static/media/
16 KB
7 KB
Image
General
Full URL
https://clientportal.oxsecurities.com/static/media/TrustpilotMicroWhite.5fe0a3b4c8e74e63d1fc0aaa2cd0d6d7.svg
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.12.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d3b058bc893d699d6669ad45034d2b1b677a321e35d04bfe88204357ddd5f5e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

content-encoding
br
cf-cache-status
BYPASS
etag
W/"67201f0b-41e3"
cf-ray
8da80e180a61525a-MXP
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 02:42:59 GMT
content-type
image/svg+xml
last-modified
Mon, 28 Oct 2024 23:32:27 GMT
vary
Accept-Encoding
server
cloudflare
OX%20Guest%20bg%20dark.68234ba4544ea134fa44.png
clientportal.oxsecurities.com/static/media/
558 KB
559 KB
Image
General
Full URL
https://clientportal.oxsecurities.com/static/media/OX%20Guest%20bg%20dark.68234ba4544ea134fa44.png
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.12.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
550faeb5b329f0bce855002a6583a69dd1606eb839b7012a53cd5ba9c62a7c16

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik

Response headers

cf-cache-status
BYPASS
etag
"67201f0b-8b63c"
cf-ray
8da80e180a64525a-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
570940
date
Wed, 30 Oct 2024 02:42:59 GMT
content-type
image/png
last-modified
Mon, 28 Oct 2024 23:32:27 GMT
vary
Accept-Encoding
server
cloudflare
bullTrans.523d39e8c2f683505043.png
clientportal.oxsecurities.com/static/media/
403 KB
404 KB
Image
General
Full URL
https://clientportal.oxsecurities.com/static/media/bullTrans.523d39e8c2f683505043.png
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.12.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c17b9496d1a39fb0a5eb047b100a6956061e90abee16b84c7e0610f1d55a31e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik

Response headers

cf-cache-status
BYPASS
etag
"67201f0b-64ccc"
cf-ray
8da80e180a65525a-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
412876
date
Wed, 30 Oct 2024 02:42:59 GMT
content-type
image/png
last-modified
Mon, 28 Oct 2024 23:32:27 GMT
vary
Accept-Encoding
server
cloudflare
inter-latin-800-normal.7e1a31f93354d23987f4.woff2
clientportal.oxsecurities.com/static/media/
17 KB
18 KB
Font
General
Full URL
https://clientportal.oxsecurities.com/static/media/inter-latin-800-normal.7e1a31f93354d23987f4.woff2
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/static/css/main.fd5b754f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.12.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a51ac27d8b29011f6774908f6a51a53b1ac07a009ba73928dc459ca34670f5ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://clientportal.oxsecurities.com
Referer
https://clientportal.oxsecurities.com/static/css/main.fd5b754f.css

Response headers

cf-cache-status
BYPASS
etag
"67201f0b-4564"
cf-ray
8da80e181a6d525a-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
17764
date
Wed, 30 Oct 2024 02:42:59 GMT
content-type
application/octet-stream
last-modified
Mon, 28 Oct 2024 23:32:27 GMT
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/
328 KB
109 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EP8TSF4B78&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2BRH7W9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
edad2e55105c8373edbea59f2c0299e8f76ddb379d222c28e586064e5898dcee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 30 Oct 2024 02:42:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 02:42:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
111420
x-xss-protection
0
server
Google Tag Manager
tfa.js
cdn.taboola.com/libtrc/unip/1642809/
71 KB
22 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1642809/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2BRH7W9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8996336e391403ac946c121a2a7c14f91b239b3baf764dec349c298c811ffe54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

content-encoding
gzip
etag
"86bd40589cdc1006adb645b91e2b178d"
x-amz-version-id
CXQiRPRp4gl5HrXDNBzMYFhX_fScY6Ss
age
0
x-cache
HIT
date
Wed, 30 Oct 2024 02:42:58 GMT
last-modified
Sun, 27 Oct 2024 11:07:30 GMT
x-served-by
cache-mxp6920-MXP
x-cache-hits
0
content-type
application/javascript; charset=utf-8
x-amz-id-2
PhWZoddGnXRZIc9BRbGNAi6YJDX4lUX8u02t1YI/hFkUSD6+J6xGLA+MJFN6ahZjKyswzSxfyYQ=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=14401
x-timer
S1730256178.183774,VS0,VE222
via
1.1 varnish
x-amz-request-id
JTBHWEKQZKYSQ2ST
accept-ranges
bytes
access-control-allow-origin
*
abp
53
content-length
22031
server
AmazonS3
x-amz-server-side-encryption
AES256
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-EP8TSF4B78&gtm=45je4as0v9183413041z89175421859za200zb9175421859&_p=1730256177856&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=884205604.1730256178&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730256178&sct=1&seg=0&dl=https%3A%2F%2Fclientportal.oxsecurities.com%2Fauth%2Fsign-up%3Fcode%3DophAr7k4N1q23R9tCGik&dt=undefined%20%7C%20Loading&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=7416
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EP8TSF4B78&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://clientportal.oxsecurities.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 02:42:58 GMT
content-type
text/plain
server
Golfe2
topics_api
psb.taboola.com/
65 B
279 B
Fetch
General
Full URL
https://psb.taboola.com/topics_api
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1642809/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

cache-control
private, max-age=2592000
retry-after
0
x-timer
S1730256178.486921,VS0,VE0
observe-browsing-topics
?1
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
65
date
Wed, 30 Oct 2024 02:42:58 GMT
content-type
text/html; charset=utf-8
x-served-by
cache-mxp6930-MXP
server
Varnish
x-cache-hits
0
json
trc.taboola.com/1642809/trc/3/
3 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1642809/trc/3/json?tim=1730256178428&data=%7B%22id%22%3A589%2C%22ii%22%3A%22%2Fauth%2Fsign-up%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1730256178420%2C%22cv%22%3A%2220241022-18-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fclientportal.oxsecurities.com%2Fauth%2Fsign-up%3Fcode%3DophAr7k4N1q23R9tCGik%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fcode%3DophAr7k4N1q23R9tCGik%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Doxsecurities-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1730256178426%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fclientportal.oxsecurities.com%2Fauth%2Fsign-up%3Fcode%3DophAr7k4N1q23R9tCGik%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1642809/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a379a8d7764b49c98624a1ec17c4c1670fa69c2e710990afbd09180ee4d514a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Wed, 30 Oct 2024 02:42:58 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-mxp6920-MXP
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
67711
x-timer
S1730256178.452555,VS0,VE82
x-vcl-time-ms
82
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.05550000000000001
accept-ranges
bytes
access-control-allow-origin
*
x-service-version
v1
server
nginx
unip
trc.taboola.com/1642809/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc.taboola.com/1642809/log/3/unip?en=Signup&tim=1730256178431&vi=1730256178420&ri=047477abbf06842f1aea9ccb4f2de0e4&ref=null&cv=20241022-18-RELEASE&item-url=https%3A%2F%2Fclientportal.oxsecurities.com%2Fauth%2Fsign-up%3Fcode%3DophAr7k4N1q23R9tCGik&tos=121&ssd=1&scd=0&it=JS_PIXEL&psb=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://clientportal.oxsecurities.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://clientportal.oxsecurities.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Wed, 30 Oct 2024 02:42:58 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-to-nlb-rtt
70315
x-served-by
cache-mxp6930-MXP
x-service-version
v1
x-timer
S1730256179.561359,VS0,VE72
x-vcl-time-ms
72
unip
trc.taboola.com/1642809/log/3/
0
115 B
XHR
General
Full URL
https://trc.taboola.com/1642809/log/3/unip?en=Signup&tim=1730256178431&vi=1730256178420&ri=047477abbf06842f1aea9ccb4f2de0e4&ref=null&cv=20241022-18-RELEASE&item-url=https%3A%2F%2Fclientportal.oxsecurities.com%2Fauth%2Fsign-up%3Fcode%3DophAr7k4N1q23R9tCGik&tos=121&ssd=1&scd=0&it=JS_PIXEL&psb=true
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1642809/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://clientportal.oxsecurities.com/

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Wed, 30 Oct 2024 02:42:58 GMT
content-type
image/gif
x-served-by
cache-mxp6920-MXP
x-cache-hits
0
cache-control
no-cache
x-fastly-to-nlb-rtt
67590
pragma
no-cache
x-timer
S1730256179.656272,VS0,VE69
x-vcl-time-ms
69
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://clientportal.oxsecurities.com
x-service-version
v1
server
nginx
region
api-crm.oxsecurities.com/api/admin/v1/
30 KB
3 KB
XHR
General
Full URL
https://api-crm.oxsecurities.com/api/admin/v1/region
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/static/js/main.b6141fe0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.12.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efaff9b9a68314427662cd68e9a52ae50667c4124e2af163c67469324ad51175

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"7604-aGQ44f4+vhRUxXzGXmx+IsQI9UY"
cf-ray
8da80e1d5e3cbb1d-MXP
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 02:42:59 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare
phone-code
api-crm.oxsecurities.com/api/admin/v1/
4 KB
1 KB
XHR
General
Full URL
https://api-crm.oxsecurities.com/api/admin/v1/phone-code
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/static/js/main.b6141fe0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.12.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bb14075cfed5aee879cfa9cd0d42d1c12ee629638d4c652f327d2d26dd1fad5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"1020-m29umqvA5XHZ9GYDImxizXEBhfI"
cf-ray
8da80e1d5e3dbb1d-MXP
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 02:42:59 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare
inter-latin-700-normal.54321e26b8bf4739a16d.woff2
clientportal.oxsecurities.com/static/media/
17 KB
18 KB
Font
General
Full URL
https://clientportal.oxsecurities.com/static/media/inter-latin-700-normal.54321e26b8bf4739a16d.woff2
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/static/css/main.fd5b754f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.12.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ced2d8e02e2fbf08d2edec9b5f13648ed8348588a05f7181632f3c1dd6e1f5c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://clientportal.oxsecurities.com
Referer
https://clientportal.oxsecurities.com/static/css/main.fd5b754f.css

Response headers

cf-cache-status
BYPASS
etag
"67201f0b-4578"
cf-ray
8da80e1d7cf3525a-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
17784
date
Wed, 30 Oct 2024 02:42:59 GMT
content-type
application/octet-stream
last-modified
Mon, 28 Oct 2024 23:32:27 GMT
vary
Accept-Encoding
server
cloudflare
inter-latin-500-normal.c72c72b70c82b1f4bacf.woff2
clientportal.oxsecurities.com/static/media/
17 KB
18 KB
Font
General
Full URL
https://clientportal.oxsecurities.com/static/media/inter-latin-500-normal.c72c72b70c82b1f4bacf.woff2
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/static/css/main.fd5b754f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.12.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://clientportal.oxsecurities.com
Referer
https://clientportal.oxsecurities.com/static/css/main.fd5b754f.css

Response headers

cf-cache-status
BYPASS
etag
"67201f0b-4490"
cf-ray
8da80e1d7cf5525a-MXP
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
17552
date
Wed, 30 Oct 2024 02:42:59 GMT
content-type
application/octet-stream
last-modified
Mon, 28 Oct 2024 23:32:27 GMT
vary
Accept-Encoding
server
cloudflare
unip
trc-events.taboola.com/1642809/log/3/
0
256 B
XHR
General
Full URL
https://trc-events.taboola.com/1642809/log/3/unip?en=pre_d_eng_tb&tos=1552&scd=0&ssd=1&est=1730256178424&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1730256179977&vi=1730256178420&ri=047477abbf06842f1aea9ccb4f2de0e4&ref=null&cv=20241022-18-RELEASE&item-url=https%3A%2F%2Fclientportal.oxsecurities.com%2Fauth%2Fsign-up%3Fcode%3DophAr7k4N1q23R9tCGik&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1642809/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://clientportal.oxsecurities.com/

Response headers

access-control-allow-origin
https://clientportal.oxsecurities.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Wed, 30 Oct 2024 02:43:00 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
unip
trc-events.taboola.com/1642809/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc-events.taboola.com/1642809/log/3/unip?en=pre_d_eng_tb&tos=1552&scd=0&ssd=1&est=1730256178424&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1730256179977&vi=1730256178420&ri=047477abbf06842f1aea9ccb4f2de0e4&ref=null&cv=20241022-18-RELEASE&item-url=https%3A%2F%2Fclientportal.oxsecurities.com%2Fauth%2Fsign-up%3Fcode%3DophAr7k4N1q23R9tCGik&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://clientportal.oxsecurities.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://clientportal.oxsecurities.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Wed, 30 Oct 2024 02:43:00 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
d63d0ee28867404e3d48ff0a7b72f0a0
verify.walletconnect.com/ Frame F0A4
0
0
Document
General
Full URL
https://verify.walletconnect.com/d63d0ee28867404e3d48ff0a7b72f0a0
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/static/js/1884.cae9a0b2.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://clientportal.oxsecurities.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900
cf-ray
8da80e2588340e8d-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 30 Oct 2024 02:43:00 GMT
server
cloudflare
vary
Accept-Encoding
roundtrip.js
s.adroll.com/j/52Y7HZNESJGLFOHJCP57HR/
107 KB
33 KB
Script
General
Full URL
https://s.adroll.com/j/52Y7HZNESJGLFOHJCP57HR/roundtrip.js
Requested by
Host: clientportal.oxsecurities.com
URL: https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:ea00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3fffdc060989cc56c8d7dbc7e8953c86e8417fbfa67a537a44a59a011ea0e250

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
X-Amz-Version-Id
G8AC6Li.AUrXyltbqVpWxSHN_dy85I8d
Etag
W/"50b05560f73d6f04594ed94fd707fc50"
Age
2342
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
Y3bxqp2pwMk-H4m2EjHHx8TTe50G8IbpWCWsx3Sumgeiqrj7yWL6Aw==
Date
Wed, 30 Oct 2024 02:43:00 GMT
Content-Type
text/javascript; charset=utf-8
Vary
accept-encoding
Last-Modified
Sat, 26 Oct 2024 11:27:11 GMT
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
Cache-Control
max-age=3600, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
MUC50-P4
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
undefined
clientportal.oxsecurities.com/
870 B
1 KB
Other
General
Full URL
https://clientportal.oxsecurities.com/undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.12.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b9242118603f9ba214f034ab33675ee3112a72915e6c674a00e4ffe6d2faf5c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
8da80e2689a2525a-MXP
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 02:43:00 GMT
content-type
text/html
last-modified
Mon, 28 Oct 2024 23:32:27 GMT
vary
accept-encoding
server
cloudflare
favicon.ico
clientportal.oxsecurities.com/
5 KB
6 KB
Other
General
Full URL
https://clientportal.oxsecurities.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.12.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c9b0d9fe28357e4b4e684a72c031247e7bdfb1deb9459649a90a2a1dc05af31

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

content-encoding
br
cf-cache-status
BYPASS
etag
W/"67201f0b-12f5"
cf-ray
8da80e287aa7525a-MXP
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 02:43:01 GMT
content-type
image/x-icon
last-modified
Mon, 28 Oct 2024 23:32:27 GMT
vary
Accept-Encoding
server
cloudflare
52Y7HZNESJGLFOHJCP57HR
d.adroll.com/consent/check/
569 B
662 B
Script
General
Full URL
https://d.adroll.com/consent/check/52Y7HZNESJGLFOHJCP57HR?flg=1&pv=12386105963.356853&arrfrr=https%3A%2F%2Fclientportal.oxsecurities.com%2Fauth%2Fsign-up%3Fcode%3DophAr7k4N1q23R9tCGik&_s=148f0fb762f86a83a24d0bec564c37dd&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/52Y7HZNESJGLFOHJCP57HR/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:3198:2121:51c3:7ad5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
d6a3cfe0f23e87c1ace3715beede697c850035c39cc3fb9ac9786977c39b6a62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

content-length
569
date
Wed, 30 Oct 2024 02:43:00 GMT
content-type
application/javascript
server
nginx/1.22.1
consent_tcfv2.js
s.adroll.com/j/
418 KB
85 KB
Script
General
Full URL
https://s.adroll.com/j/consent_tcfv2.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/52Y7HZNESJGLFOHJCP57HR/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:ea00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc8d80275b5424166b5d382894515535e167388cfbad6ae3008b18ea0f1e172c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
X-Amz-Version-Id
8ETCE8t9zap6ixXqEEaKFHCQITOmoal5
Etag
W/"4fa0fae27db5bad9bb2635e3a23d52e1"
Age
271
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
Bne2GQaOiRL9K9BUuwMAIQvZzQyw4dxhETvVBvRRddGCL-5m_g9zEQ==
Date
Wed, 30 Oct 2024 02:39:56 GMT
Content-Type
text/javascript
Vary
accept-encoding
Last-Modified
Mon, 30 Sep 2024 16:15:47 GMT
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
Cache-Control
max-age=300, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
MUC50-P4
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
nextroll-32x32.png
s.adroll.com/i/favicon/
2 KB
2 KB
Image
General
Full URL
https://s.adroll.com/i/favicon/nextroll-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:ea00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

Access-Control-Max-Age
600
X-Amz-Version-Id
eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Etag
"403a0a7dcf2d617e7ea852bfb9d11945"
Age
77312
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
8WPnEvYNwoX-ALrZYyA2kqSK3KCzH5hQvsAZYmChNWE84T_K2F-3Ww==
Date
Tue, 29 Oct 2024 05:15:16 GMT
Content-Type
image/png
Vary
Accept-Encoding
Last-Modified
Mon, 28 Jun 2021 18:19:21 GMT
Access-Control-Allow-Headers
*
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
1615
X-Amz-Cf-Pop
MUC50-P4
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
unip
trc-events.taboola.com/1642809/log/3/
0
255 B
XHR
General
Full URL
https://trc-events.taboola.com/1642809/log/3/unip?en=pre_d_eng_tb&tos=4553&scd=0&ssd=1&est=1730256178424&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1730256182978&vi=1730256178420&ri=047477abbf06842f1aea9ccb4f2de0e4&ref=null&cv=20241022-18-RELEASE&item-url=https%3A%2F%2Fclientportal.oxsecurities.com%2Fauth%2Fsign-up%3Fcode%3DophAr7k4N1q23R9tCGik&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1642809/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://clientportal.oxsecurities.com/

Response headers

access-control-allow-origin
https://clientportal.oxsecurities.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Wed, 30 Oct 2024 02:43:03 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
unip
trc-events.taboola.com/1642809/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc-events.taboola.com/1642809/log/3/unip?en=pre_d_eng_tb&tos=4553&scd=0&ssd=1&est=1730256178424&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1730256182978&vi=1730256178420&ri=047477abbf06842f1aea9ccb4f2de0e4&ref=null&cv=20241022-18-RELEASE&item-url=https%3A%2F%2Fclientportal.oxsecurities.com%2Fauth%2Fsign-up%3Fcode%3DophAr7k4N1q23R9tCGik&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://clientportal.oxsecurities.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://clientportal.oxsecurities.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Wed, 30 Oct 2024 02:43:03 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-EP8TSF4B78&gtm=45je4as0v9183413041za200zb9175421859&_p=1730256177856&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=884205604.1730256178&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1730256178&sct=1&seg=0&dl=https%3A%2F%2Fclientportal.oxsecurities.com%2Fauth%2Fsign-up%3Fcode%3DophAr7k4N1q23R9tCGik&dt=undefined%20%7C%20Loading&en=scroll&epn.percent_scrolled=90&_et=4&tfd=12430
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EP8TSF4B78&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://clientportal.oxsecurities.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://clientportal.oxsecurities.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 02:43:03 GMT
content-type
text/plain
server
Golfe2

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| swig object| regeneratorRuntime object| proto object| TronWebProto function| TronWeb object| buffer function| Buffer object| otplib object| webpackChunkfox_crm_wizard function| _ function| IMask object| __STORYBOOK_ADDONS_PREVIEW string| STORYBOOK_ENV boolean| IS_STORYBOOK object| __STORYBOOK_PREVIEW__ object| __STORYBOOK_CLIENT_API__ object| __STORYBOOK_ADDONS_CHANNEL__ object| __STORYBOOK_STORY_STORE__ object| dataLayer function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data object| __tfa_pixel_init object| _tfa function| onYouTubeIframeAPIReady object| gaGlobal function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| EVENT_PROPERTIES_TO_URL_PARAMS_MAP number| INVALID_ACCOUNT_ID object| CONFIGS object| VALIDATION_ERRORS object| EVENTS object| TUP_EVENT_HANDLERS_BY_EVENT_NAME object| TRK_EVENT_TO_ERROR_TYPE_MAP boolean| PUBLISHER_ID_EXISTS string| CALLBACK_PARAMETER_NAME string| LAST_EXTERNAL_REFERRER_URL_PARAM string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll function| __adroll__ string| adroll_sid object| __adroll_consent_data object| __adroll function| __cmp function| __tcfapi function| __gpp boolean| adroll_sendrolling_cross_device object| adroll_form_fields object| adroll_third_party_forms object| adroll_third_party_detected object| adroll_snippet_errors function| adroll_tpc_callback object| adroll_exp_list string| __adroll_url_category boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country object| $jscomp string| BANNER_VERSION string| TCF_VERSION string| IABWRITE_NO_COOKIE object| __adroll_consent_banner

7 Cookies

Domain/Path Name / Value
.oxsecurities.com/ Name: _ga
Value: GA1.1.884205604.1730256178
.oxsecurities.com/ Name: _ga_EP8TSF4B78
Value: GS1.1.1730256178.1.0.1730256178.0.0.0
.walletconnect.com/ Name: __cf_bm
Value: 4EIWkjq3vNu57ojakTNc4rOHfLFIiLWuNsBZGeeog8Y-1730256180-1.0.1.1-aXoq3y3pVB4Hs2xXPhkIy1CJpRCIeeJLG8umJL85R2.U2OCV4cUlIAMr11pLbWf8tqA4PSM2B12.yoy9UcJyPA
clientportal.oxsecurities.com/ Name: AWSALBTG
Value: sEQimiIk7QOnB4Quj23lHi8TZ7YwQVOEE8PteX6ZhCPQk3ndfe1ydoAemhqUN1tqRrZvvpM9ZpBJWM5jpLgGOiJlszO5dWA9TKAZkyYc462NseRikqOIYNNkmOjc6V92qX2nrkSx9Nqe4nRDjW4xKeYWVFAYTpkHcwZaUUhYgSpBHvV9lr0=
clientportal.oxsecurities.com/ Name: AWSALBTGCORS
Value: sEQimiIk7QOnB4Quj23lHi8TZ7YwQVOEE8PteX6ZhCPQk3ndfe1ydoAemhqUN1tqRrZvvpM9ZpBJWM5jpLgGOiJlszO5dWA9TKAZkyYc462NseRikqOIYNNkmOjc6V92qX2nrkSx9Nqe4nRDjW4xKeYWVFAYTpkHcwZaUUhYgSpBHvV9lr0=
clientportal.oxsecurities.com/ Name: AWSALB
Value: is+tue1d9p7ajoLiOc09PFvMeyaF6OF18+MzV9sih6zTM8ovQzZdUUsmqe9a1pocXkgMQbZO8Sq5DZ2aAV1xfeW7CjD9RhhvjcNCfJFJSDtS/LzAus2z6HlMOGCs
clientportal.oxsecurities.com/ Name: AWSALBCORS
Value: is+tue1d9p7ajoLiOc09PFvMeyaF6OF18+MzV9sih6zTM8ovQzZdUUsmqe9a1pocXkgMQbZO8Sq5DZ2aAV1xfeW7CjD9RhhvjcNCfJFJSDtS/LzAus2z6HlMOGCs

3 Console Messages

Source Level URL
Text
recommendation warning URL: https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik
Message:
[DOM] Found 2 elements with non-unique id #field-:ri:: (More info: https://goo.gl/9p2vKq) %o %o
recommendation verbose URL: https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://clientportal.oxsecurities.com/auth/sign-up?code=ophAr7k4N1q23R9tCGik
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-crm.oxsecurities.com
cdn.jsdelivr.net
cdn.taboola.com
clientportal.oxsecurities.com
d.adroll.com
oxsecurities.mycellphoneisanatm.com
psb.taboola.com
region1.google-analytics.com
s.adroll.com
trc-events.taboola.com
trc.taboola.com
verify.walletconnect.com
www.googletagmanager.com
104.18.27.46
141.226.228.48
151.101.129.44
151.101.65.44
172.67.12.69
192.254.231.86
2001:4860:4802:32::36
2600:9000:26da:ea00:6:9280:1080:93a1
2a00:1450:4001:802::2008
2a04:4e42:600::485
2a05:d018:cc3:fe04:3198:2121:51c3:7ad5
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
0368f33db1cc70ef5eee2a5de99571b65d394d8964f4824ce3919d45998775c0
048d136d592e66896cccc1fe4fada4feb16b7f6af671cd49a2fe6ed6b2276c6c
04c90225a98736467a6353aa558fcaef38b8310aa78664526ff212b92d4edfec
11dfcc64987b1a72555f4c0879be01ed9dfe110f7ff9cd819a6399d2138b73a2
2d3b058bc893d699d6669ad45034d2b1b677a321e35d04bfe88204357ddd5f5e
2eb1ff59b1106b324772c3132b77e462bbe1f995c4773fa41a9e096ffeaa19df
3b9242118603f9ba214f034ab33675ee3112a72915e6c674a00e4ffe6d2faf5c
3bb14075cfed5aee879cfa9cd0d42d1c12ee629638d4c652f327d2d26dd1fad5
3fffdc060989cc56c8d7dbc7e8953c86e8417fbfa67a537a44a59a011ea0e250
415e9511777e6654363ccbbcefd5d0588f8e125851b214782972fe189e86a47d
43352a4300e59f37aa1ef224d4e03c45f29b6998de3d510d394327392864b993
510e02763ec627824da84ca0dd1311d8bbd8f5f2a912f754726e6f635a5cc9f8
52117aa4910a8feebd4a9b25109bbd58a18bd31375136eb704a13802309cfb0f
550faeb5b329f0bce855002a6583a69dd1606eb839b7012a53cd5ba9c62a7c16
6c9b0d9fe28357e4b4e684a72c031247e7bdfb1deb9459649a90a2a1dc05af31
7d62bd72c41d77903b61e8bcf39c75d4e999c8a95bf3fb115e991b8873bcbc86
8996336e391403ac946c121a2a7c14f91b239b3baf764dec349c298c811ffe54
a379a8d7764b49c98624a1ec17c4c1670fa69c2e710990afbd09180ee4d514a5
a51ac27d8b29011f6774908f6a51a53b1ac07a009ba73928dc459ca34670f5ae
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
c17b9496d1a39fb0a5eb047b100a6956061e90abee16b84c7e0610f1d55a31e9
c593f52da3c5354cdc2012b87a240ae8e350fb6b18ec97a88ff999d7297796d5
c7b0ee10d3218afffd363a36f91ffc3a5edeb0595bb74db3d7f503f29a1cde85
ced2d8e02e2fbf08d2edec9b5f13648ed8348588a05f7181632f3c1dd6e1f5c3
d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a
d6a3cfe0f23e87c1ace3715beede697c850035c39cc3fb9ac9786977c39b6a62
dc8d80275b5424166b5d382894515535e167388cfbad6ae3008b18ea0f1e172c
dd6420f1f398a6424e14424c1a21869e222df6c21ad73314739b02114786a620
e040a5088f42ad7c625391e87342772a4af9e43a60e790c3dfb4f8f88dcd4045
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
e770757f9611533a2175d521c4c5f197655976e3b135678d12cbb924c319c74e
edad2e55105c8373edbea59f2c0299e8f76ddb379d222c28e586064e5898dcee
efaff9b9a68314427662cd68e9a52ae50667c4124e2af163c67469324ad51175