login-gm.atfx.com Open in urlscan Pro
2a02:26f0:480:23::1726:6282 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://login-gm.atfx.com/login
Submission: On June 07 via manual (June 7th 2023, 2:30:22 am UTC) from TW — Scanned from DE

Summary HTTP 233 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 50 IPs in 9 countries across 42 domains to perform 233 HTTP transactions. The main IP is 2a02:26f0:480:23::1726:6282, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is login-gm.atfx.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 2nd 2022. Valid for: a year.

This is the only time login-gm.atfx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	2a02:26f0:480... 2a02:26f0:480:23::1726:6282	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	108.138.17.71 108.138.17.71	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:310... 2a02:26f0:3100:782::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
10	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
7	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	63.34.168.218 63.34.168.218	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:340... 2a02:26f0:3400:19e::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
28	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2 4	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:780... 2a02:26f0:780::210:ca7a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
6	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700::68... 2606:4700::6812:873b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2 6	2600:9000:225... 2600:9000:225e:5600:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
8	23.36.162.201 23.36.162.201	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	52.51.135.19 52.51.135.19	16509 (AMAZON-02) (AMAZON-02)
1 1	63.35.123.106 63.35.123.106	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:4a00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
5 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a05:d018:cc3... 2a05:d018:cc3:fe05:fc57:13d8:b65e:4717	16509 (AMAZON-02) (AMAZON-02)
8 8	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:836e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:77be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:8bce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:18c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2606:4700:20:... 2606:4700:20::681a:92c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	184.86.251.89 184.86.251.89	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	184.86.251.90 184.86.251.90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a02:26f0:780... 2a02:26f0:780::5f65:366a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	63.140.62.160 63.140.62.160	16509 (AMAZON-02) (AMAZON-02)
2	18.136.3.90 18.136.3.90	16509 (AMAZON-02) (AMAZON-02)
233	50

45 2a02:26f0:480:23::1726:6282 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

login-gm.atfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
at-client-portal-api.atfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.17.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-71.fra56.r.cloudfront.net

master.d10i7a7v1hjb2v.amplifyapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3100:782::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd326.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.34.168.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-168-218.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3400:19e::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.74.198 (Staten Island, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

10352767.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:780::210:ca7a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:873b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:225e:5600:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.36.162.201 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-201.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.135.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-135-19.eu-west-1.compute.amazonaws.com

atsolution.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.123.106 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-123-106.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:4a00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 5 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:cc3:fe05:fc57:13d8:b65e:4717 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.194.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:836e (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:77be (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:8bce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.149 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:92c (United States)

ASN13335 (CLOUDFLARENET, US)

ipapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.86.251.89 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-89.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.86.251.90 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-90.deploy.static.akamaitechnologies.com

wkrndbfyk35vszd75o3q-plr8qq-8c40c7222-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:780::5f65:366a (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fiaazgbakcqaokqce3yapaaaabsh725x-plr8qq-bf20b1f2c-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.160 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-160.data.adobedc.net

metrics.atfx-china.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.136.3.90 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-3-90.ap-southeast-1.compute.amazonaws.com

prod.api.recur-omni.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	atfx.com login-gm.atfx.com at-client-portal-api.atfx.com	4 MB
28	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 57	42 KB
16	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 10352767.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 121 cm.g.doubleclick.net — Cisco Umbrella Rank: 248	11 KB
15	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 3028 adservice.google.com — Cisco Umbrella Rank: 106	2 KB
12	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	886 KB
10	baidu.com hm.baidu.com — Cisco Umbrella Rank: 7998	48 KB
9	google.de www.google.de — Cisco Umbrella Rank: 5056	1 KB
9	everesttech.net 9 redirects cm.everesttech.net — Cisco Umbrella Rank: 1108 sync-tm.everesttech.net — Cisco Umbrella Rank: 748	2 KB
8	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 718	201 KB
8	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 2676 d.adroll.com — Cisco Umbrella Rank: 1381	53 KB
7	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	1 KB
7	linkedin.com 5 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 390 www.linkedin.com — Cisco Umbrella Rank: 567 px4.ads.linkedin.com — Cisco Umbrella Rank: 6569	5 KB
7	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 408	170 KB
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	311 KB
6	bing.com bat.bing.com — Cisco Umbrella Rank: 386	25 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 2131 wkrndbfyk35vszd75o3q-plr8qq-8c40c7222-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 2136 fiaazgbakcqaokqce3yapaaaabsh725x-plr8qq-bf20b1f2c-clienttons-s.akamaihd.net	1 KB
4	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2452 forms.hubspot.com — Cisco Umbrella Rank: 4666	4 KB
4	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9396	3 KB
4	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1306 c.go-mpulse.net — Cisco Umbrella Rank: 580	103 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 219 atsolution.demdex.net	6 KB
2	recur-omni.io prod.api.recur-omni.io	5 KB
2	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3793	2 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 760	1 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	2 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 612	1 KB
2	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2369	39 KB
2	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2367	41 KB
2	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3557	6 KB
2	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4547	174 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 707	512 B
2	t.co t.co — Cisco Umbrella Rank: 505	493 B
2	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2635	2 KB
2	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 745	30 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 942	10 KB
2	amplifyapp.com master.d10i7a7v1hjb2v.amplifyapp.com	387 KB
1	atfx-china.com metrics.atfx-china.com	372 B
1	akstat.io 684dd326.akstat.io — Cisco Umbrella Rank: 70610	203 B
1	ipapi.co ipapi.co — Cisco Umbrella Rank: 16926	903 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 971	450 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 491	273 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 375	239 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1007	374 B
233	42

	Domain	Requested by
44	login-gm.atfx.com	login-gm.atfx.com
28	www.google-analytics.com	www.googletagmanager.com login-gm.atfx.com
12	www.googletagmanager.com	login-gm.atfx.com www.googletagmanager.com js.hsadspixel.net
10	hm.baidu.com	login-gm.atfx.com
9	www.google.de	login-gm.atfx.com
8	sync-tm.everesttech.net	8 redirects
8	analytics.tiktok.com	login-gm.atfx.com analytics.tiktok.com
7	www.facebook.com	login-gm.atfx.com
7	www.google.com	login-gm.atfx.com
7	assets.adobedtm.com	login-gm.atfx.com assets.adobedtm.com master.d10i7a7v1hjb2v.amplifyapp.com
6	region1.analytics.google.com	www.googletagmanager.com
6	s.adroll.com	2 redirects login-gm.atfx.com
6	connect.facebook.net	www.googletagmanager.com connect.facebook.net
6	bat.bing.com	www.googletagmanager.com bat.bing.com login-gm.atfx.com
6	googleads.g.doubleclick.net	www.googletagmanager.com
5	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
4	px.ads.linkedin.com	4 redirects
4	my.rtmark.net	www.googletagmanager.com login-gm.atfx.com
4	10352767.fls.doubleclick.net	2 redirects www.googletagmanager.com
2	prod.api.recur-omni.io	master.d10i7a7v1hjb2v.amplifyapp.com
2	forms.hubspot.com	js.hsleadflows.net
2	track.hubspot.com
2	api.hubapi.com	js.hsadspixel.net
2	sync.search.spotxchange.com	1 redirects login-gm.atfx.com
2	ib.adnxs.com	1 redirects login-gm.atfx.com
2	dsum-sec.casalemedia.com	1 redirects login-gm.atfx.com
2	js.hs-banner.com	js.hs-scripts.com
2	js.hs-analytics.net	js.hs-scripts.com
2	js.hsadspixel.net	js.hs-scripts.com
2	js.hsleadflows.net	js.hs-scripts.com
2	d.adroll.com	s.adroll.com
2	adservice.google.com	10352767.fls.doubleclick.net
2	px4.ads.linkedin.com	login-gm.atfx.com
2	analytics.twitter.com	login-gm.atfx.com
2	t.co	login-gm.atfx.com
2	js.hs-scripts.com	www.googletagmanager.com
2	static.ads-twitter.com	www.googletagmanager.com
2	snap.licdn.com	www.googletagmanager.com
2	c.go-mpulse.net	s.go-mpulse.net
2	dpm.demdex.net	assets.adobedtm.com login-gm.atfx.com
2	s.go-mpulse.net	login-gm.atfx.com
2	master.d10i7a7v1hjb2v.amplifyapp.com	login-gm.atfx.com
1	metrics.atfx-china.com
1	684dd326.akstat.io	s.go-mpulse.net
1	at-client-portal-api.atfx.com	login-gm.atfx.com
1	fiaazgbakcqaokqce3yapaaaabsh725x-plr8qq-bf20b1f2c-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	wkrndbfyk35vszd75o3q-plr8qq-8c40c7222-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	ipapi.co	login-gm.atfx.com
1	image2.pubmatic.com	login-gm.atfx.com
1	us-u.openx.net	login-gm.atfx.com
1	pixel.rubiconproject.com	login-gm.atfx.com
1	cm.g.doubleclick.net	login-gm.atfx.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	cm.everesttech.net	1 redirects
1	atsolution.demdex.net	assets.adobedtm.com
233	58

This site contains links to these domains. Also see Links.

Domain
apply-uk.atfx.com
f.hubspotusercontent10.net

Subject Issuer	Validity	Valid
*.atfx.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-02` - `2023-08-04`	a year	crt.sh
*.d10i7a7v1hjb2v.amplifyapp.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-29`	7 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-17` - `2023-06-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
rtmark.net R3	`2023-05-06` - `2023-08-04`	3 months	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
metrics.atfx-china.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-20` - `2024-04-19`	a year	crt.sh
prod.api.recur-omni.io Amazon RSA 2048 M02	`2023-02-03` - `2023-12-24`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://login-gm.atfx.com/login
Frame ID: D60BB041CF568177E2C3BDC0EBE8410E
Requests: 215 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/V2UHH-T34F7-YEC6S-FU52F-HJLLF
Frame ID: E0A6DF2C9F51DDCF347D88CC3858A4C9
Requests: 4 HTTP requests in this frame

Frame: https://10352767.fls.doubleclick.net/activityi;dc_pre=CNbK7NKOsP8CFbuX_QcdbhsLxA;src=10352767;type=homevist;cat=atfxc0;ord=5220175406290;gtm=45He3650;auiddc=79774147.1686105013;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin
Frame ID: DBB8A4A2ABF0B0C5A757FD0543EF48A0
Requests: 2 HTTP requests in this frame

Frame: https://atsolution.demdex.net/dest5.html?d_nsid=0
Frame ID: 78499F1F4AEBA7115D9EA8F197AF76E9
Requests: 9 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/V2UHH-T34F7-YEC6S-FU52F-HJLLF
Frame ID: 4F3C1E36DB4D8276079319D500CB609C
Requests: 2 HTTP requests in this frame

Frame: https://10352767.fls.doubleclick.net/activityi;dc_pre=CNCzjtSOsP8CFdqZ_QcdtWwCdw;src=10352767;type=homevist;cat=atfxc0;ord=727876669019;gtm=45He3650;auiddc=79774147.1686105013;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin
Frame ID: 925D9205F8728A0F80B4AA442D60A201
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ATFX Client Portal

Page URL History Show full URLs

https://login-gm.atfx.com/login Page URL
https://login-gm.atfx.com/login Page URL

Detected technologies

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

vue[.-]([\d.]*\d)[^/]*\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

233
Requests

91 %
HTTPS

55 %
IPv6

42
Domains

58
Subdomains

50
IPs

9
Countries

6242 kB
Transfer

21678 kB
Size

52
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://apply-uk.atfx.com/
Title: (https://apply-uk.atfx.com/)

Search URL Search Domain Scan URL

URL: https://f.hubspotusercontent10.net/hubfs/6693213/ATFX%20Legal%20Documents%202020%20(All%20Entities)/ATFX%20GM%20Legal%20Documents%202020/ATFX%20GM%20Standard%20Terms%20of%20Business%20EN%20-%20V20200605.pdf
Title: Risk Disclosure Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://login-gm.atfx.com/login Page URL
https://login-gm.atfx.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://10352767.fls.doubleclick.net/activityi;src=10352767;type=homevist;cat=atfxc0;ord=5220175406290;gtm=45He3650;auiddc=79774147.1686105013;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin HTTP 302
https://10352767.fls.doubleclick.net/activityi;dc_pre=CNbK7NKOsP8CFbuX_QcdbhsLxA;src=10352767;type=homevist;cat=atfxc0;ord=5220175406290;gtm=45He3650;auiddc=79774147.1686105013;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin

Request Chain 43

https://cm.everesttech.net/cm/dd?d_uuid=89622069259229794542947597123747880256 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZH-rtQAAABs7zQNn

Request Chain 51

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1686105013039&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1686105013039&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3690196%26time%3D1686105013039%26url%3Dhttps%253A%252F%252Flogin-gm.atfx.com%252Flogin%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1686105013039&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1686105013039&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&cookiesTest=true&liSync=true&e_ipv6=AQJXwJuU_Mi3aQAAAYiTsL1Fa9oBUIUGiRy0xPKQmXswOqceIohJ1YXA3_iCF4SR42YgHdmPBS8NDw

Request Chain 58

https://s.adroll.com/j/exp/UVYGNOCARNBIDOW25C5BBP/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 68

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkgtcnRRQUFBQnM3elFObg==

Request Chain 75

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZH-rtQAAABs7zQNn&expires=90

Request Chain 76

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZH-rtQAAABs7zQNn HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZH-rtQAAABs7zQNn&C=1

Request Chain 77

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=ZH-rtQAAABs7zQNn HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZH-rtQAAABs7zQNn

Request Chain 78

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZH-rtQAAABs7zQNn

Request Chain 79

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZH-rtQAAABs7zQNn

Request Chain 83

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZH-rtQAAABs7zQNn&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZH-rtQAAABs7zQNn&img=1&__user_check__=1&sync_id=3bb41f16-04db-11ee-bb70-1e588e900106

Request Chain 84

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZH-rtQAAABs7zQNn&t=2592000&o=0

Request Chain 108

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=plr8qqjtf HTTP 302
https://wkrndbfyk35vszd75o3q-plr8qq-8c40c7222-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 109

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=plr8qqjtf HTTP 302
https://fiaazgbakcqaokqce3yapaaaabsh725x-plr8qq-bf20b1f2c-clienttons-s.akamaihd.net/eum/results.txt

Request Chain 149

https://10352767.fls.doubleclick.net/activityi;src=10352767;type=homevist;cat=atfxc0;ord=727876669019;gtm=45He3650;auiddc=79774147.1686105013;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin HTTP 302
https://10352767.fls.doubleclick.net/activityi;dc_pre=CNCzjtSOsP8CFdqZ_QcdtWwCdw;src=10352767;type=homevist;cat=atfxc0;ord=727876669019;gtm=45He3650;auiddc=79774147.1686105013;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin

Request Chain 159

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1686105015687&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1686105015687&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&e_ipv6=AQIlV2HHG8xHmAAAAYiTsMW_j8sDelaGt2VN6Hyox1nHEHfhgOuamZo8wklXUvO73zWY81bNsvvCtQ

Request Chain 171

https://s.adroll.com/j/exp/UVYGNOCARNBIDOW25C5BBP/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

233 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 login Show response
login-gm.atfx.com/ 15 KB
6 KB 1135ms
1075ms Document
text/html 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

0a3f29f71b535af51932d0d9551a46829b0e043e29eadb83c2bc3e5c849247bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 5885
content-type: text/html
date: Wed, 07 Jun 2023 02:30:11 GMT
etag: "647fe88c-2e61"
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
server-timing: cdn-cache; desc=MISS edge; dur=893 origin; dur=2 ak_p; desc="468362_388391874_1192942229_89444_4945_5_0";dur=1
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 11873 0 pmb=mRUM,1
x-envoy-upstream-service-time: 0

GET
H2 200 vendors-app.45c3aedd.css
login-gm.atfx.com/css/ 85 KB
18 KB 985ms
983ms Stylesheet
text/css 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/css/vendors-app.45c3aedd.css

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

f5c0bc154ef72cd3195f9435f64a82bcc65d8eb2d4c9fd8eeecd8d02a94f3bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:12 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-15509"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=627, origin; dur=37, ak_p; desc="468362_388391874_1192942367_66416_4983_27_0";dur=1
accept-ranges: bytes
content-length: 17532
expires: Wed, 07 Jun 2023 02:30:12 GMT

GET
H2 200 app.833382a1.css
login-gm.atfx.com/css/ 67 KB
11 KB 941ms
939ms Stylesheet
text/css 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/css/app.833382a1.css

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

f424a2dfd1456a1be85612e8ac4841a6e8ec7bdda8c85a667d57c2264b1b22c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:12 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-10b87"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=628, origin; dur=33, ak_p; desc="468362_388391874_1192942368_66145_4982_90_0";dur=1
accept-ranges: bytes
content-length: 11141
expires: Wed, 07 Jun 2023 02:30:12 GMT

GET
H2 200 logo_zh-hant.png
login-gm.atfx.com/static/img/ 4 KB
4 KB 24ms
21ms Image
image/png 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-gm.atfx.com/static/img/logo_zh-hant.png

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

f2e329624a41e2cd7ef13d83dedde07666fb2c3741a6e925ca18219d3991a2ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:12 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-e02"
content-type: image/png
cache-control: private, max-age=0
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468362_388391874_1192942468_35_4894_11_0";dur=1
accept-ranges: bytes
content-length: 3586
expires: Wed, 07 Jun 2023 02:30:12 GMT

GET
H2 200 indexLanuge.js Show response
login-gm.atfx.com/ 2 KB
852 B 566ms
563ms Script
application/javascript 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/indexLanuge.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

fa85956f083369c2cf8d7fdba0260d79a0a2a35830968af43bcf822ad2baa01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-958"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 2
server-timing: cdn-cache; desc=MISS, edge; dur=538, origin; dur=4, ak_p; desc="468362_388391874_1192942469_54632_4555_6_0";dur=1
accept-ranges: bytes
content-length: 515

GET
H2 200 recur-livechat.js Show response
master.d10i7a7v1hjb2v.amplifyapp.com/ 758 KB
194 KB 276ms
224ms Script
application/javascript 108.138.17.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://master.d10i7a7v1hjb2v.amplifyapp.com/recur-livechat.js
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-71.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71114d4a0acef5dc678ec7fa21bc8cfc718d9ef0f4b2d7edb234ec2be1d14950

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
content-encoding: gzip
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
last-modified: Tue, 06 Jun 2023 05:12:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
x-amz-server-side-encryption: AES256
etag: W/"1419dd78a68a5268a5b6af642aaf3b12"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: oSAGeCWxq-KnIFAJDk0JNVI0aEr01k2W6XeQtCwGwBKs9BoStEY4Dg==

GET
H2 200 chunk.crypto-js.1628d69e.js Show response
login-gm.atfx.com/js/ 99 KB
29 KB 632ms
630ms Script
application/javascript 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.crypto-js.1628d69e.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

55146e4beb0d1e16fe104092ed8cb7bc92aa167b2d1227cfca6316b0636ef7df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-18b4e"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=MISS, edge; dur=199, origin; dur=3, ak_p; desc="468362_388391874_1192942456_20197_4962_5_0";dur=1
accept-ranges: bytes
content-length: 29625

GET
H2 200 chunk.core-js.2599a40e.js Show response
login-gm.atfx.com/js/ 87 KB
29 KB 578ms
578ms Script
application/javascript 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.core-js.2599a40e.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

1fa2f27d40e61b6b580c05e34d446093c5dd809d7803c4ef68ef05524e23ec3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-15ca1"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=MISS, edge; dur=190, origin; dur=2, ak_p; desc="468362_388391874_1192942460_19264_5346_5_0";dur=1
accept-ranges: bytes
content-length: 29663

GET
H2 200 chunk.element-ui.0e281e8e.js Show response
login-gm.atfx.com/js/ 732 KB
188 KB 791ms
788ms Script
application/javascript 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.element-ui.0e281e8e.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

71f7d3fb2b44ecf533f28489b280466f9691baa330d1d873ed27827eff9bb1cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-b7048"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=MISS, edge; dur=235, origin; dur=2, ak_p; desc="468362_388391874_1192942462_23772_4993_5_0";dur=1
accept-ranges: bytes

GET
H2 200 chunk.vue.4a1c49a7.js Show response
login-gm.atfx.com/js/ 75 KB
28 KB 1189ms
1186ms Script
application/javascript 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.vue.4a1c49a7.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

20580f9af5de5e2264d9fb10273224b492d5d22b140a1523ba3912ac1e9ab88a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-12c24"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=MISS, edge; dur=732, origin; dur=3, ak_p; desc="468362_388391874_1192942463_73544_4981_6_0";dur=1
accept-ranges: bytes
content-length: 28044

GET
H2 200 chunk.lodash.d442509e.js Show response
login-gm.atfx.com/js/ 68 KB
25 KB 1171ms
1168ms Script
application/javascript 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.lodash.d442509e.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

873470d56849b263e38c96bf51b0b884c98d959387de7f9e0134a79cfbb3e7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-10f4e"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=MISS, edge; dur=551, origin; dur=3, ak_p; desc="468362_388391874_1192942464_55404_4973_6_0";dur=1
accept-ranges: bytes
content-length: 25112

GET
H2 200 chunk.oidc-client.8f078270.js Show response
login-gm.atfx.com/js/ 273 KB
71 KB 1445ms
1442ms Script
application/javascript 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.oidc-client.8f078270.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

a5a107b924ba9dd5b041f5a96e1b996ed9cecdfbceffea0b702872cc6b0cd121

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:14 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-445a1"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=MISS, edge; dur=726, origin; dur=3, ak_p; desc="468362_388391874_1192942465_72950_4917_6_0";dur=1
accept-ranges: bytes

GET
H2 200 vendors-app.4feb1201.js Show response
login-gm.atfx.com/js/ 880 KB
274 KB 1426ms
1422ms Script
application/javascript 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/vendors-app.4feb1201.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

e043716e507228dbdee87f50ef596329d8db47b05ef058b3bcc7d78c2b750a60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:14 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-dbece"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 4
server-timing: cdn-cache; desc=MISS, edge; dur=538, origin; dur=7, ak_p; desc="468362_388391874_1192942466_54566_4891_5_0";dur=1
accept-ranges: bytes

GET
H2 200 app.2c3c16a2.js Show response
login-gm.atfx.com/js/ 2 MB
621 KB 30ms
27ms Script
application/javascript 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/app.2c3c16a2.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

94e5ad05707bc87496527b4ff5d043e762ecd18b892bb479f41b21fb7a371163

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:12 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-27c6d1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468362_388391874_1192942467_39_4885_11_0";dur=1
accept-ranges: bytes
expires: Wed, 07 Jun 2023 02:30:12 GMT

GET
H2 200 index.css
login-gm.atfx.com/static/css/theme/ 0
78 KB 275ms
272ms Other
text/css 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/static/css/theme/index.css

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-100566"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=152, origin; dur=33, ak_p; desc="468362_388391874_1192942471_18587_4880_5_0";dur=1
accept-ranges: bytes
expires: Wed, 07 Jun 2023 02:30:13 GMT

GET
H2 200 index.css
login-gm.atfx.com/static/css/theme/ 1 MB
77 KB 274ms
271ms Stylesheet
text/css 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/static/css/theme/index.css

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

50818b353993b1de002262d888a52d217099c01b7496cb69d2693ed52d8c33cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-100566"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468362_388391874_1192942470_41_4843_5_0";dur=1
accept-ranges: bytes
expires: Wed, 07 Jun 2023 02:30:13 GMT

GET
H2 200 V2UHH-T34F7-YEC6S-FU52F-HJLLF Show response
s.go-mpulse.net/boomerang/ Frame E0A6 202 KB
51 KB 38ms
11ms Script
application/javascript 2a02:26f0:3100:782::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/V2UHH-T34F7-YEC6S-FU52F-HJLLF
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3100:782::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:12 GMT
content-encoding: br
last-modified: Mon, 29 May 2023 06:22:26 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 373 KB
103 KB 76ms
39ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2140a662b775211f323dc358cfc1ba7dcfa40c15c1fd03ed5515b97cabfe8022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105259
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1034ms
344ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?61ac16100c228c043039c8a2ba9e8829

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

55a9332e61362115e8c871070beb3e61dd39a084d2eac3b31a0cc8e2039fb839

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 02:30:13 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 7e2bfe6d4af28620b23db7c64aa00784
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11265

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1034ms
344ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?f6a7ea91aaa56510db1faa27ec9e41c1

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

77a0e24d51fa7c28a539ca2fc51bcc129814f43ee6fbfa9c17c71334b907e0ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 02:30:13 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: f5632a265bda9e8f71deb6747a9c0c25
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11256

GET
H2 200 launch-9724699d2dd6.min.js Show response
assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/ 149 KB
47 KB 31ms
6ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/launch-9724699d2dd6.min.js
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8654f41cf749de34db3784398fd4d8f70932e741bf4643a50c800702e68dde53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:12 GMT
content-encoding: gzip
last-modified: Thu, 23 Mar 2023 06:57:46 GMT
server: AkamaiNetStorage
etag: "a7fb199efceeecc1130b6b26d43b97c0:1679554666.491009"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login-gm.atfx.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 48068
expires: Wed, 07 Jun 2023 03:30:12 GMT

GET
H2 200 Muli-Regular.c9c98d2b.woff
login-gm.atfx.com/fonts/ 50 KB
50 KB 248ms
248ms Font
font/woff 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/fonts/Muli-Regular.c9c98d2b.woff

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/css/app.833382a1.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

73d390d4a7b9b8b5d1fd8efee66f3cd6487282b44322af02e933ad1bdb5eadaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://login-gm.atfx.com/css/app.833382a1.css
Origin: https://login-gm.atfx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-c7f8"
content-type: font/woff
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=203, origin; dur=33, ak_p; desc="468362_388391874_1192942472_23633_4835_12_0";dur=1
accept-ranges: bytes
content-length: 51192
expires: Wed, 07 Jun 2023 02:30:13 GMT

GET
H2 200 new_logo.webp
login-gm.atfx.com/static/img/ 4 KB
4 KB 561ms
559ms Image
image/webp 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-gm.atfx.com/static/img/new_logo.webp

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

ab8d6fa3589d2aaf852aaff25ef9ba685ee97708b5e9b38968bb29b936da48b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-f94"
content-type: image/webp
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=MISS, edge; dur=538, origin; dur=2, ak_p; desc="468362_388391874_1192942473_54052_4774_6_0";dur=1
accept-ranges: bytes
content-length: 3988

GET
H2 200 loading.webm
login-gm.atfx.com/static/img/ 2 KB
3 KB 553ms
552ms Image
video/webm 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-gm.atfx.com/static/img/loading.webm

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

b4b36f862fae672a6d926130bebeb95c5cedc5eab58e9ebb7d940a6e5014d9d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-9e8"
content-type: video/webm
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=MISS, edge; dur=531, origin; dur=2, ak_p; desc="468362_388391874_1192942474_53371_4767_6_0";dur=1
accept-ranges: bytes
content-length: 2536

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 123ms
35ms XHR
application/json 63.34.168.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F64735DD5CF122370A495FCD%40AdobeOrg&d_nsid=0&ts=1686105012858

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/launch-9724699d2dd6.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.34.168.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-34-168-218.eu-west-1.compute.amazonaws.com

Software

Resource Hash

9b497ed3770f75d41af74b9a37ca2694cb2ea0833453f4ff3938b7c1b3349bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v048-0fa970038.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: Lbf9tQlXSsc=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://login-gm.atfx.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 897
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/launch-9724699d2dd6.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:12 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12384
expires: Wed, 07 Jun 2023 03:30:12 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 3 KB
2 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/launch-9724699d2dd6.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:12 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1598
expires: Wed, 07 Jun 2023 03:30:12 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame E0A6 1 KB
943 B 114ms
53ms XHR
application/json 2a02:26f0:3400:19e::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=V2UHH-T34F7-YEC6S-FU52F-HJLLF&d=login-gm.atfx.com&t=5620350&v=1.632.0&if=&sl=0&si=1tr0kyo9z1s-rvv2yd&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=619580
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/V2UHH-T34F7-YEC6S-FU52F-HJLLF
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3400:19e::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: adb45dd9bb40f47072c9d7ebaacb5f513d3810955b3a9f1c9d349820dbe53fc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 02:30:12 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 623

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 55ms
14ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Jun 2023 00:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6885
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 07 Jun 2023 02:35:27 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/819544204/ 3 KB
2 KB 65ms
27ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819544204/?random=1686105012927&cv=11&fst=1686105012927&bg=ffffff&guid=ON&async=1&gtm=45He3650&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&hn=www.googleadservices.com&frm=0&tiba=ATFX%20Client%20Portal&auid=79774147.1686105013&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c26e89768f29c63d6ed9c786b9e5179b667734725ad29f1be9a718e9d3e44290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CNbK7NKOsP8CFbuX_QcdbhsLxA;src=10352767;type=homevist;cat=atfxc0;ord=5220175406290;gtm=45He3650;auiddc=79774147.1686105013;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https... Show response
10352767.fls.doubleclick.net/ Frame DBB8
Redirect Chain

https://10352767.fls.doubleclick.net/activityi;src=10352767;type=homevist;cat=atfxc0;ord=5220175406290;gtm=45He3650;auiddc=79774147.1686105013;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=ht...
https://10352767.fls.doubleclick.net/activityi;dc_pre=CNbK7NKOsP8CFbuX_QcdbhsLxA;src=10352767;type=homevist;cat=atfxc0;ord=5220175406290;gtm=45He3650;auiddc=79774147.1686105013;uaa=;uab=;uafvl=;uam...

449 B
596 B

30ms
29ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10352767.fls.doubleclick.net/activityi;dc_pre=CNbK7NKOsP8CFbuX_QcdbhsLxA;src=10352767;type=homevist;cat=atfxc0;ord=5220175406290;gtm=45He3650;auiddc=79774147.1686105013;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

0ab42332eaf035a7fb440006705f858c4011189c7e9ef5e4ea3a088f03ad2aca

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login-gm.atfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 257
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 02:30:13 GMT
expires: Wed, 07 Jun 2023 02:30:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 02:30:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10352767.fls.doubleclick.net/activityi;dc_pre=CNbK7NKOsP8CFbuX_QcdbhsLxA;src=10352767;type=homevist;cat=atfxc0;ord=5220175406290;gtm=45He3650;auiddc=79774147.1686105013;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 57ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 07 Jun 2023 02:30:12 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 647F512A7EA442DBBA9DC5A305367277 Ref B: FRAEDGE2016 Ref C: 2023-06-07T02:30:12Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 63ms
7ms Script
application/x-javascript 2a02:26f0:780::210:ca7a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:ca7a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=9195
server-timing: ak_p; desc="1686105012951_34654838_79834152_15_816_6_43_146";dur=1
accept-ranges: bytes
content-length: 4777

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 32ms
8ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:12 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230040-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 30ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0caf64bbe8954fe9c2166955ec4e1842b2f0780fb0cbb76ed7d60ea0dc59dddd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Jun 2023 02:30:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27549
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: rSQdKoH6NV62sVVlgKqC9pH/RF5+MwSvBKMtZKita+xyE0FdMV+BQNMo3mKe+YPpEgn3ME+RnHSBB/UpfUnvgg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 6693213.js Show response
js.hs-scripts.com/ 2 KB
1 KB 422ms
383ms Script
application/javascript 2606:4700::6812:873b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/6693213.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:873b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f59f6fe04a48849fcf8e3c73a101ae8a45d416009c49af1f151b3b4565f773e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
content-encoding: br
cf-cache-status: EXPIRED
x-hubspot-correlation-id: c87bfafc-b136-4098-b413-a609aad1c11c
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 5
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 854e431b-77f5-4af1-be1c-4e27707f5e29
last-modified: Tue, 06 Jun 2023 21:53:01 GMT
server: cloudflare
x-trace: 2B51CE5074AEC0ACEABBDC80E2B27A464DC6F2A04B000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://login-gm.atfx.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-t5ghn
cf-ray: 7d3578cb1937bb50-FRA
expires: Wed, 07 Jun 2023 02:31:13 GMT

GET
H2 200 p.js Show response
my.rtmark.net/ 697 B
1 KB 58ms
12ms Script
text/javascript 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/p.js?f=sync&lr=1&partner=74e2657408ebf1142593e1f582b1d7f20f72d502de7f3cc5704748e1aa962fba

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

10ab237d847c442817c877542e4db7ee1be867bba46b692ef9832204fcad62ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 697

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/UVYGNOCARNBIDOW25C5BBP/ 82 KB
24 KB 60ms
8ms Script
text/javascript 2600:9000:225e:5600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/UVYGNOCARNBIDOW25C5BBP/roundtrip.js
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:5600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 949abd2f5e780babc38b670945a790f4b63db231e1f9bf16fe4c0a93ebd0f9f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

X-Amz-Version-Id: zOD_pxvNGqAY02e64qMNrJ75dN63N9gd
Content-Encoding: gzip
Via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
Date: Wed, 07 Jun 2023 02:04:25 GMT
Age: 1549
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 24 May 2023 12:00:34 GMT
Server: AmazonS3
Etag: W/"b796b5b8a94b544b442768b28390c52c"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: NBYJpSDgfj83zSmSv6kno9joLp89HwGWVZYGSGLBYyef0weui0JUJw==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 175ms
114ms Script
application/javascript 23.36.162.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8UO16TOAEBOBK55C9FG&lib=ttq
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.201 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-201.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bd26ce17afaa987151c617fe40f8411f575bd1acd4f28c79d58070d3f19ec0ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-akamai-request-id: 4477663e.14248fde
date: Wed, 07 Jun 2023 02:30:13 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-206-213-201.deploy.akamaitechnologies.com (AkamaiGHost/11.1.1-48600985) (-)
x-parent-response-time: 92,23.206.213.201
server-timing: cdn-cache; desc=MISS, edge; dur=81, origin; dur=11, inner; dur=3, ak_p; desc="1686105013051_399431113_337940446_9272_4458_5_21_146";dur=1
content-length: 1465
pragma: no-cache
server: nginx
x-tt-logid: 202306070230139A635E7932668839D4AF
x-cache-remote: TCP_MISS from a23-39-229-5.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48589741) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.39.229.5
x-tt-trace-host: 0165e47387a63d2aa752b09d3ce4dcb185847d34675100246cd51be00c8a1f30a1b9397d948b64b6935fb07fd48933c2b440d34955e96cb1bfd9c4d93cd2c6b4865bb263529c9adee702365355c9a1ef167d22296304139bc94bdace00924242b58c2e6da9ec3279352dbdfebd5e28e958
expires: Wed, 07 Jun 2023 02:30:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
82 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6Y793BN4BT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef1bcded6bf53e1b255ca9a22b0df6609a6d3dce5ab63706a4af1ef562f86e5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83634
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Jun 2023 02:30:12 GMT

GET
H2 200 adsct
t.co/i/ 43 B
376 B 131ms
110ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=ed715ff9-7d38-4c17-a301-d8ca6711a881&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6a5392ba-afba-4c3f-9883-360e8221e878&tw_document_href=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7h61&type=javascript&version=2.3.29

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-response-time: 103
date: Wed, 07 Jun 2023 02:30:12 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 5196be20ddf1901a
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 2b9432c365493be8ce282066e4ce46019a04577ac16c70fa539a9e695fb9a778
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
396 B 134ms
111ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=ed715ff9-7d38-4c17-a301-d8ca6711a881&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6a5392ba-afba-4c3f-9883-360e8221e878&tw_document_href=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7h61&type=javascript&version=2.3.29

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-response-time: 104
date: Wed, 07 Jun 2023 02:30:12 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 8e47d6c175568dbd
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 193b06cc43b3bb74be65f00d70a7ae76790f55231178486bf6e9ce6022779e59
content-length: 43

GET
H/1.1 200
OK dest5.html Show response
atsolution.demdex.net/ Frame 7849 7 KB
3 KB 158ms
33ms Document
text/html 52.51.135.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://atsolution.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/launch-9724699d2dd6.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.135.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-135-19.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login-gm.atfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v048-0b9efa3f3.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 9ffJFwcNRXk=
content-encoding: gzip
date: Wed, 7 Jun 2023 02:30:13 GMT
last-modified: Wed, 10 May 2023 10:46:53 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZH-rtQAAABs7zQNn
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=89622069259229794542947597123747880256
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZH-rtQAAABs7zQNn

42 B
942 B

31ms
31ms

Image
image/gif

63.34.168.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZH-rtQAAABs7zQNn

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

HTTP/1.1

Server

63.34.168.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-34-168-218.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-01f166ef7.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: qmx5dGexSNQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZH-rtQAAABs7zQNn
Date: Wed, 07 Jun 2023 02:30:13 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
21 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Jun 2023 02:30:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: QuyqBxBqliP2dohhYHJfpqmtbyyYfZ/rFMuOF9BJdMCQfOXlZlVDxV5pUpDXy2LqnN+pcnjf1UEgj7Qqr9OGfQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 661389801117388 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 78ms
78ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/661389801117388?v=2.9.106&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

51f916a7ffad2661310fe751c0ddbaa2d26cd4d343f17e9c07aaf84fbe37b988

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Jun 2023 02:30:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: uk7vQUaGRsXwW5brj6qrpe98Z4vTmfuKCgu1Jy0WJEeNuE4wLvmh9KZVxPFZkYK69GZX+yaDaaIT62r4py5UWA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/819544204/ 42 B
455 B 60ms
24ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/819544204/?random=1686105012927&cv=11&fst=1686103200000&bg=ffffff&guid=ON&async=1&gtm=45He3650&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&frm=0&tiba=ATFX%20Client%20Portal&fmt=3&is_vtc=1&random=3895891653&rmt_tld=0&ipr=y

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/819544204/ 42 B
455 B 65ms
28ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/819544204/?random=1686105012927&cv=11&fst=1686103200000&bg=ffffff&guid=ON&async=1&gtm=45He3650&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&frm=0&tiba=ATFX%20Client%20Portal&fmt=3&is_vtc=1&random=3895891653&rmt_tld=1&ipr=y

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 62ms
18ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-152401985-1&cid=1866878897.1686105013&jid=1361212116&gjid=149419593&_gid=1242778450.1686105013&_u=YGBAiAABBAAAAEAAI~&z=814460882

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Jun 2023 02:30:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
193 B 13ms
12ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2102382511&t=pageview&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiAABBAAAAAAAI~&jid=1361212116&gjid=149419593&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&z=1084554461

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 01:53:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2206
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3690196/domain/login-gm.atfx.com/ 36 B
374 B 28ms
9ms XHR
application/json 2600:9000:20eb:4a00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3690196/domain/login-gm.atfx.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4a00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:27:11 GMT
content-encoding: gzip
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 182
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=15838
x-amz-cf-id: 155p6ulxfTcwrJKxL26csUagpVgixdtn7t6H8iXUo_iyYlFxulXVzQ==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1686105013039&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1686105013039&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3690196%26time%3D1686105013039%26url%3Dhttps%253A%252F%252Flogin-gm.atfx.com%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1686105013039&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1686105013039&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&cookiesTest=true&liSync=true&e_ipv6=AQJXwJuU_Mi3aQAAAYiTsL1Fa9oBUIUGiRy0xP...

0
266 B

161ms
103ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1686105013039&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&cookiesTest=true&liSync=true&e_ipv6=AQJXwJuU_Mi3aQAAAYiTsL1Fa9oBUIUGiRy0xPKQmXswOqceIohJ1YXA3_iCF4SR42YgHdmPBS8NDw
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 44DC3FF15F1940ACA52303A8BD33EF9A Ref B: FRAEDGE2022 Ref C: 2023-06-07T02:30:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX9gOpmYA/bQXf/FD7+XQ==

Redirect headers

date: Wed, 07 Jun 2023 02:30:12 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 23C925F9F21B4FBBAF1CCBDD472B6655 Ref B: FRAEDGE1815 Ref C: 2023-06-07T02:30:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1686105013039&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&cookiesTest=true&liSync=true&e_ipv6=AQJXwJuU_Mi3aQAAAYiTsL1Fa9oBUIUGiRy0xPKQmXswOqceIohJ1YXA3_iCF4SR42YgHdmPBS8NDw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX9gOpjDcZRSvQJhej7ow==

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 249 KB
84 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-RB6RNN86NX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Y793BN4BT&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7bc4ab5dc1808a7700750e1356fd9c38678d0784a5d8110c20acbbf4f5531c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86417
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Jun 2023 02:30:13 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 60ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6Y793BN4BT&gtm=45je3650&_p=2102382511&_gaz=1&cid=1866878897.1686105013&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686105013&sct=1&seg=0&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&dt=ATFX%20Client%20Portal&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Y793BN4BT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 18ms
18ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6Y793BN4BT&cid=1866878897.1686105013&gtm=45je3650&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Y793BN4BT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
28ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6Y793BN4BT&cid=1866878897.1686105013&gtm=45je3650&aip=1&z=1152369514

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 56384898.js Show response
bat.bing.com/p/action/ 0
117 B 133ms
127ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56384898.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 07 Jun 2023 02:30:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EFFB96E5491E417AA406C98D8DDB2BB6 Ref B: FRAEDGE2016 Ref C: 2023-06-07T02:30:13Z
x-cache: CONFIG_NOCACHE

GET
H2 200 dc_pre=CNbK7NKOsP8CFbuX_QcdbhsLxA;src=10352767;type=homevist;cat=atfxc0;ord=5220175406290;gtm=45He3650;auiddc=*;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Flogin-gm.atfx.com%2...
adservice.google.com/ddm/fls/z/ Frame DBB8 42 B
401 B 87ms
52ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNbK7NKOsP8CFbuX_QcdbhsLxA;src=10352767;type=homevist;cat=atfxc0;ord=5220175406290;gtm=45He3650;auiddc=*;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin

Requested by

Host: 10352767.fls.doubleclick.net
URL: https://10352767.fls.doubleclick.net/activityi;dc_pre=CNbK7NKOsP8CFbuX_QcdbhsLxA;src=10352767;type=homevist;cat=atfxc0;ord=5220175406290;gtm=45He3650;auiddc=79774147.1686105013;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10352767.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/UVYGNOCARNBIDOW25C5BBP/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

10ms
9ms

Script
application/javascript

2600:9000:225e:5600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login
Protocol: HTTP/1.1
Server: 2600:9000:225e:5600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

X-Amz-Version-Id: KLTaAvzmAP.1_rS.URSLlTS3u46mZQHP
Date: Tue, 06 Jun 2023 23:12:25 GMT
Via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
Age: 41265
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Tue, 21 Mar 2023 16:39:30 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: uwGy6k0gGwyw11cb9nueueiWvgGhJCt6FLx8sDe9VfiMfc67ui-PIA==

Redirect headers

Date: Tue, 06 Jun 2023 03:32:10 GMT
Via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
Age: 82683
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: XZk8rrI4VTjC0U_MUKCmCFXY-7JNzQ9AGg7qDyLi5NftkVMaR769hw==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 24ms
24ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-152401985-1&cid=1866878897.1686105013&jid=1361212116&_u=YGBAiAABBAAAAEAAI~&z=1962713752

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 26ms
24ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-152401985-1&cid=1866878897.1686105013&jid=1361212116&_u=YGBAiAABBAAAAEAAI~&z=1962713752

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 17ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RB6RNN86NX&gtm=45je3650&_p=2102382511&_gaz=1&cid=1866878897.1686105013&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686105013&sct=1&seg=0&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&dt=ATFX%20Client%20Portal&en=Page%20view%3A%20https%3A%2F%2Flogin-gm.atfx.com%2Flogin&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-RB6RNN86NX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 19ms
19ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RB6RNN86NX&cid=1866878897.1686105013&gtm=45je3650&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-RB6RNN86NX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 24ms
23ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RB6RNN86NX&cid=1866878897.1686105013&gtm=45je3650&aip=1&z=1077124169

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 28ms
12ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=661389801117388&ev=PageView&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&rl=&if=false&ts=1686105013207&sw=1600&sh=1200&v=2.9.106&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1686105013206.526572441&cs_est=true&it=1686105013021&coo=false&tm=1&rqm=GET

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 07 Jun 2023 02:30:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 28ms
13ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=661389801117388&ev=PageView&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&rl=&if=false&ts=1686105013209&sw=1600&sh=1200&v=2.9.106&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1686105013206.526572441&cs_est=true&it=1686105013021&coo=false&rqm=GET

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 07 Jun 2023 02:30:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 UVYGNOCARNBIDOW25C5BBP Show response
d.adroll.com/consent/check/ 463 B
556 B 139ms
39ms Script
application/javascript 2a05:d018:cc3:fe05:fc57:13d8:b65e:4717
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/UVYGNOCARNBIDOW25C5BBP?pv=62688877012.38532&arrfrr=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&_s=a0101148682f7612128dd5a79c318335&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/UVYGNOCARNBIDOW25C5BBP/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:fc57:13d8:b65e:4717 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 68741643aebbdaa90f9848b1624532a9db78d0ac7c6e43c82be0472dbbad7e6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
server: nginx/1.22.1
content-length: 463
content-type: application/javascript

GET
H2 200 main.MTY0NTk0YzcxMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 242 KB
67 KB 13ms
13ms Script
application/javascript 23.36.162.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTY0NTk0YzcxMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8UO16TOAEBOBK55C9FG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.201 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-201.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b3a955ac158e9fbedea40a6d9494a44669dee5d1bbb18895e1b211244f8f16e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-akamai-request-id: 142492f3
date: Wed, 07 Jun 2023 02:30:13 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202305301212301649B63B7F5E8C52C35A
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-206-213-201.deploy.akamaitechnologies.com (AkamaiGHost/11.1.1-48600985) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 018420d296c332dba42327a288eae70e9d8e7be1e931e1caaf501da74061080c6188d4ba62e45816f473723997195e309d9ea7c0b4df2e29c6316da799447a43019d4f40183279de40f4c33d5976448ddbea361e46adc80e6a47b51848c2de9af8
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=3, ak_p; desc="1686105013296_399431113_337941235_15_4869_6_0_146";dur=1
content-length: 67857

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7849
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkgtcnRRQUFBQnM3elFObg==

170 B
409 B

89ms
25ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkgtcnRRQUFBQnM3elFObg==

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atsolution.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230039-FRA
pragma: no-cache
date: Wed, 07 Jun 2023 02:30:13 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1686105013.336627,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkgtcnRRQUFBQnM3elFObg==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 identify_738b3.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 11ms
11ms Script
application/javascript 23.36.162.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_738b3.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTY0NTk0YzcxMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.201 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-201.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-akamai-request-id: 1424934e
date: Wed, 07 Jun 2023 02:30:13 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023050811401936014E6C38504B8E8219
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-206-213-201.deploy.akamaitechnologies.com (AkamaiGHost/11.1.1-48600985) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 015fb7dce8dadf5a93dcabfd51c321b5600dadd98570b95cd65cfafb383d8532b0b07262e8f5f0b9ce6b6f719de676a4618d4ffb438b314a969cc517e8a874442f2f7240b3f0754e4eabdbaa6bbe9580783ac88379f7566ee8271063741587a925
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3, ak_p; desc="1686105013332_399431113_337941326_13_4314_7_0_146";dur=1
content-length: 30819

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
759 B 137ms
136ms Ping
text/plain 23.36.162.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTY0NTk0YzcxMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.201 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-201.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1fe9c848.1424939b
date: Wed, 07 Jun 2023 02:30:13 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-206-213-201.deploy.akamaitechnologies.com (AkamaiGHost/11.1.1-48600985) (-)
x-parent-response-time: 121,23.206.213.201
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=39, inner; dur=33, ak_p; desc="1686105013368_399431113_337941403_12618_2071_11_0_109";dur=1
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202306070230133855EC53F5E603863EA2
x-cache-remote: TCP_MISS from a23-39-229-61.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48589741) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 39,23.39.229.61
x-tt-trace-host: 0165e47387a63d2aa752b09d3ce4dcb185847d34675100246cd51be00c8a1f30a176b0b9c9626ecd5513d7b437ee40dbdc233d80c521cf0dbaaa0b6fe4e340d363948afb4c6a5e0f285386c6aeb20a4685a607196a2bde7a20abc72cb78624ad8984e54ffa9f6ef67e3fbdd98880a74ba8
expires: Wed, 07 Jun 2023 02:30:13 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 545 KB
88 KB 265ms
230ms Script
application/javascript 2606:4700::6811:836e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6693213.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:836e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53c6e25ad853b5a6ad922795465a0e178c87af06b8a7ab3bde53b7b6939902c8

Request headers

Referer: https://login-gm.atfx.com/
Origin: https://login-gm.atfx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
x-amz-version-id: 8pz0uDcBGYlrsmWQyDnHbF47HkG8cM.I
via: 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
cf-cache-status: MISS
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1213/bundle/main/lead-flows-release.js&cfRay=7d3578cddd6e2bd5-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 20
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9a3a55ec-e16d-4441-8c2c-8ae2b8cd435b
last-modified: Tue, 06 Jun 2023 12:07:08 UTC
server: cloudflare
etag: W/"e0a28490756bd60883ddd702b459f472"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-xjmf2
cf-ray: 7d3578cddd6e2bd5-FRA
x-amz-cf-id: LSnHCFzcubf3yNYeUQ5xiyhJPOHspGnXrWof1cqRGUkNM8b44QC3rg==
x-hs-target-asset: lead-flows-js/static-1.1213/bundle/main/lead-flows-release.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 49ms
22ms Script
application/javascript 2606:4700::6810:77be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6693213.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:77be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eed334d1c96abd8c03aacf86a2a30fb9d391290f27e49b0fa456a7af8f1a1bf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
x-amz-version-id: wXOaVt.1FYp5SJSGbufdokAhWgyD7J.j
via: 1.1 9dc566ff42777d2cad8483451738f334.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 279
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.381/bundles/pixels-release.js&cfRay=7d3571fd9d7118ff-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5b589f90-2641-4c11-bd9b-c80b78699a0e
last-modified: Mon, 05 Jun 2023 12:31:29 UTC
server: cloudflare
etag: W/"3907b3424cd18a581148905ead09299a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-cxzff
cf-ray: 7d3578cdcc0f18b5-FRA
x-amz-cf-id: _i65oolBDz0yWa7ViqFjYqUph48PXqLkNDfM_8ZGnx37emU1TkAWDA==
x-hs-target-asset: adsscriptloaderstatic/static-1.381/bundles/pixels-release.js

GET
H2 200 6693213.js Show response
js.hs-analytics.net/analytics/1686105000000/ 66 KB
21 KB 167ms
141ms Script
text/javascript 2606:4700::6810:8bce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1686105000000/6693213.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6693213.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db6cfa7c4b954daab528d2355a6345f5fc29882ec3c43258b65acbfcaef7018c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 6Q9QVGNRAJW4QPAY
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 20
x-amz-id-2: bYEHnm9Uynn0REwNTCZDbOWaz/4AlhJEUewGePg1AuSgaLNDuCPmXpCbMK9ndxWBoSS2xyoqdeuipA39MzEmxQ==
x-evy-trace-listener: listener_https
x-request-id: afc95ce2-7555-46cc-a818-5ca28fb18c8d
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 31 May 2023 19:00:31 GMT
server: cloudflare
etag: W/"dee84013963a4c44bd4ff605bf9133ce"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-2sbs7
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7d3578cdcad9bb50-FRA
expires: Wed, 07 Jun 2023 02:35:13 GMT

GET
H2 200 6693213.js Show response
js.hs-banner.com/ 92 KB
20 KB 429ms
395ms Script
text/javascript 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/6693213.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6693213.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c87e705ddf71a11d4a023947e775c362a2cd177e8e931fd6db466083642a070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
x-amz-version-id: YwruBsPLEEgqD7Gpzuc6HmQuGZsm8Ilo
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 3ENH5E0ZTQ2445XJ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 66
x-amz-id-2: jp0DgIoijDPuaP8F5qjbmvWSya2RIp2egqjzGEKY08Ndg44vxFFvkCjct7n6WXAECbaPagli+Xc=
x-evy-trace-listener: listener_https
x-request-id: d6bde9e3-3086-440c-bcaf-c141fc51bf96
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 09 May 2023 12:57:20 GMT
server: cloudflare
etag: W/"c23057edec58c0718dc0b4aecea8b385"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://lp.atcapital.group
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6b7cfc8cf5-5smp8
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7d3578cddc9c6909-FRA
expires: Wed, 07 Jun 2023 02:35:13 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7849
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZH-rtQAAABs7zQNn&expires=90

0
239 B

72ms
8ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZH-rtQAAABs7zQNn&expires=90
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atsolution.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-fra-eddf8230039-FRA
pragma: no-cache
date: Wed, 07 Jun 2023 02:30:13 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1686105013.397585,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZH-rtQAAABs7zQNn&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7849
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZH-rtQAAABs7zQNn
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZH-rtQAAABs7zQNn&C=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZH-rtQAAABs7zQNn&C=1
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atsolution.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 02:30:13 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 02:30:13 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=88&external_user_id=ZH-rtQAAABs7zQNn&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 7849
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=ZH-rtQAAABs7zQNn
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZH-rtQAAABs7zQNn

43 B
1 KB

6ms
6ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZH-rtQAAABs7zQNn

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

HTTP/1.1

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atsolution.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 02:30:13 GMT
AN-X-Request-Uuid: 8ce85dad-1b46-452c-ad0b-c5599295b5af
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 178.162.209.132; 178.162.209.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 02:30:13 GMT
AN-X-Request-Uuid: b5612840-a9dc-46f4-b248-03a7180283fb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZH-rtQAAABs7zQNn
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.132; 178.162.209.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7849
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZH-rtQAAABs7zQNn

43 B
273 B

68ms
17ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZH-rtQAAABs7zQNn
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atsolution.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230039-FRA
pragma: no-cache
date: Wed, 07 Jun 2023 02:30:13 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1686105014.770287,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZH-rtQAAABs7zQNn
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7849
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZH-rtQAAABs7zQNn

1 B
450 B

82ms
13ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZH-rtQAAABs7zQNn
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atsolution.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 07 Jun 2023 02:30:12 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-fra-eddf8230039-FRA
pragma: no-cache
date: Wed, 07 Jun 2023 02:30:13 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1686105014.872150,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZH-rtQAAABs7zQNn
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 15ms
15ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&partner=74e2657408ebf1142593e1f582b1d7f20f72d502de7f3cc5704748e1aa962fba&ttl=&rurl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:13 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-152401985-5&cid=1866878897.1686105013&jid=1901136785&gjid=1526561165&_gid=1242778450.1686105013&_u=aGDAiAABBAAAAEAAI~&z=1440553980

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Jun 2023 02:30:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
12ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2102382511&t=event&ni=0&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=1second&ea=1second&el=1second&ev=1&_u=aGDAiAABBAAAAEAAI~&jid=1901136785&gjid=1526561165&cid=1866878897.1686105013&tid=UA-152401985-5&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&z=1674971324

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28055
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 7849
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZH-rtQAAABs7zQNn&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZH-rtQAAABs7zQNn&img=1&__user_check__=1&sync_id=3bb41f16-04db-11ee-bb70-1e588e900106

43 B
548 B

16ms
16ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZH-rtQAAABs7zQNn&img=1&__user_check__=1&sync_id=3bb41f16-04db-11ee-bb70-1e588e900106
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atsolution.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 02:30:14 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 63
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 07 Jun 2023 02:30:14 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=6409&uid=ZH-rtQAAABs7zQNn&img=1&__user_check__=1&sync_id=3bb41f16-04db-11ee-bb70-1e588e900106
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 118
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame 7849
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZH-rtQAAABs7zQNn&t=2592000&o=0

43 B
830 B

37ms
37ms

Image
image/gif

2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZH-rtQAAABs7zQNn&t=2592000&o=0

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atsolution.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:30:14 PDT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: cuD8t0KQfjUWEl1F/OEz29D3qHAEx2Cr+GCYjBD9Pkb8V6SbwW4YPO9JDiqzIlxtuagfZP9a8EKAENzPCqvszg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
origin-agent-cluster: ?0
cache-control: public, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Tue, 06 Jun 2023 19:30:14 PDT

Redirect headers

x-served-by: cache-fra-eddf8230039-FRA
pragma: no-cache
date: Wed, 07 Jun 2023 02:30:14 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1686105014.072324,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZH-rtQAAABs7zQNn&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 347ms
347ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1256163575&si=61ac16100c228c043039c8a2ba9e8829&v=1.3.0&lv=1&sn=20534&r=0&ww=1600&u=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&tt=ATFX%20Client%20Portal

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 02:30:14 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 336ms
336ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=937701552&si=f6a7ea91aaa56510db1faa27ec9e41c1&v=1.3.0&lv=1&sn=20534&r=0&ww=1600&u=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&tt=ATFX%20Client%20Portal

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 02:30:14 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 json
ipapi.co/ 767 B
903 B 208ms
183ms XHR
application/json 2606:4700:20::681a:92c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/json?key=8d4f82d1e42403a6a0b8d1e047df9ab827ea71bc

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/js/vendors-app.4feb1201.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:92c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Host, origin
allow: OPTIONS, POST, OPTIONS, HEAD, GET
content-type: application/json
access-control-allow-origin: https://login-gm.atfx.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uazgHz2wKtuRgqSgF0oHmsxF8nE4aASxpFv%2BC5T%2Big5DeZ5eQiFKEkszuzdWDFDjAcRJxEy4Ofe8vEGx4zRqwwliwTR3Uljy17%2F%2FWFvnJnBsYotRT%2FrP7yAU3AbuzBGXte0Mo%2Bd"}],"group":"cf-nel","max_age":604800}
x-frame-options: DENY
cf-ray: 7d3578d6ec1f30e8-FRA

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 8ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=661389801117388&ev=Microdata&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&rl=&if=false&ts=1686105014854&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22ATFX%20Client%20Portal%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.106&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1686105013206.526572441&it=1686105013021&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 07 Jun 2023 02:30:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 169 B
1 KB 147ms
117ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=6693213

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e9866bb713a4194b11734cf3a728872a90b22d2a68d8f2d16abf9fe65b82d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ad7e9bf9-65a6-47a0-94ba-962c998a863a
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5c043984-56db-479c-8d42-40323c680efb
server: cloudflare
x-trace: 2BF2747A904E495BB8D44605CDA17DE96AF4B0545D000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://login-gm.atfx.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-vrfj9
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFnuM8d58gcvCFvE%2BzFq04eYIQ4ubPDCZQt0FVlNjmKdKfol%2FNkEGM649oia8QSKGHx1UCu9%2FfWbgrEj6s6Y2lWZ%2F3wSLqOeQgQVjkLx%2BqOatLLv8z7KsWSy79Ku%2F7S%2Fbxc%2FvajmIq5dutWm"}],"group":"cf-nel","max_age":604800}
cf-ray: 7d3578d71fec03b8-FRA
access-control-allow-headers: *

GET
H2 204 0
bat.bing.com/action/ 0
286 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56384898&tm=gtm002&Ver=2&mid=fd2c4a85-6b5e-4957-b23e-0e2f33680564&sid=3c27160004db11ee8336393521615bdb&vid=3c27139004db11ee976c45f4d660a6ce&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=ATFX%20Client%20Portal&p=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&r=&lt=4245&evt=pageLoad&sv=1&rn=129350

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 07 Jun 2023 02:30:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 50163E7FEA7945588CDE1AD325DE76C3 Ref B: FRAEDGE2016 Ref C: 2023-06-07T02:30:14Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 152ms
127ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=78086756&v=1.1&a=6693213&pu=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&t=ATFX+Client+Portal&cts=1686105014899&vi=f957f298445d281e28f09802b064ba9f&nc=true&u=195689843.f957f298445d281e28f09802b064ba9f.1686105014895.1686105014895.1686105014895.1&b=195689843.1.1686105014896&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7d0fa04b-b5bb-4152-8025-87e8ee1462f9
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3cc9fd5e-955c-4cf5-90ee-a9810cb22054
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h25tuPrXtH7eyQ0fq9zyZKICo2OB72qnxyilkfsfXIjSxhvpO0DSWdISjmYAo7Us6EjvH2BqmBWt4JqNt3J2MlYZQOGV4bukd3GhFMbutIDIo%2F92OgRLHH5RleWMlM7NBEVZT%2FtVI5zl9cpwd9Im"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-lqfnv
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7d3578d75930900a-FRA
x-robots-tag: none

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
13ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2102382511&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2010%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ev=0&_u=aGDAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&z=81485731

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28057
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
12ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2102382511&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2020%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ev=0&_u=aGDAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&z=1974895987

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28057
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
13ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2102382511&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2030%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ev=0&_u=aGDAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&z=576593290

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28057
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
15ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2102382511&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2040%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ev=0&_u=aGDAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&z=1916295111

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28057
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
16ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2102382511&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2050%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ev=0&_u=aGDAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&z=1720781996

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28057
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
16ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2102382511&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2060%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ev=0&_u=aGDAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&z=424210576

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28057
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
16ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2102382511&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2070%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ev=0&_u=aGDAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&z=1691710809

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28057
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
16ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2102382511&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2080%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ev=0&_u=aGDAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&z=1096661614

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28057
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 18ms
16ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2102382511&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2090%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ev=0&_u=aGDAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&z=1526162275

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28057
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 18ms
17ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2102382511&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%20100%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ev=0&_u=aGDAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&z=1894781772

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28057
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json
forms.hubspot.com/lead-flows-config/v1/config/ 220 B
1 KB 181ms
155ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=6693213&utk=f957f298445d281e28f09802b064ba9f&__hstc=195689843.f957f298445d281e28f09802b064ba9f.1686105014895.1686105014895.1686105014895.1&__hssc=195689843.1.1686105014896&currentUrl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: dc9bd5b6-aa07-4a68-b46c-6a4af478d975
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 26
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: da8de8e0-ada7-4975-a1cd-d18a28a93257
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://login-gm.atfx.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmaWDVN4f0FB8ORwZkmkomLeBSjJTTKGivx2kq%2Fi7Vc3HbY4i9h4D0DJzAw5GsVHZKq2ESKcEgRPM4eIPV%2BqJKaDyLCHVLHmEE5BMbpWxqj%2B9kC2%2F2iarFmknMgdPnFWcxFgv7mnEpFvlVfQSd6Q"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7d3578d7fbf030cc-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-f4t27

GET
H3 200 js
www.googletagmanager.com/gtag/ 139 KB
53 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-725330305

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54469
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 01:19:19 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Jun 2023 02:30:15 GMT

GET
H3 200 js
www.googletagmanager.com/gtag/ 139 KB
53 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-725330305&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54481
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 01:19:19 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Jun 2023 02:30:15 GMT

GET
H3 200 js
www.googletagmanager.com/gtag/ 184 KB
67 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-740161488&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68835
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 01:19:19 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Jun 2023 02:30:15 GMT

GET
H2 200 Primary Request login Show response
login-gm.atfx.com/ 15 KB
6 KB 232ms
231ms Document
text/html 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/login

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/js/app.2c3c16a2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

ea3fd554240521d17c87ca13315aeebccceec12e59ccb102417af6a3bddae81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://login-gm.atfx.com/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 5878
content-type: text/html
date: Wed, 07 Jun 2023 02:30:15 GMT
etag: "647fe88c-2e61"
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
server-timing: cdn-cache; desc=MISS edge; dur=191 origin; dur=3 ak_p; desc="468362_388391874_1192942835_19388_7299_5_0";dur=1
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 11873 0 pmb=mRUM,1
x-envoy-upstream-service-time: 0

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/725330305/ 3 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/725330305/?random=1686105015089&cv=11&fst=1686105015089&bg=ffffff&guid=ON&async=1&gtm=45be3650&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&hn=www.googleadservices.com&frm=0&tiba=ATFX%20Client%20Portal&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=79774147.1686105013&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-725330305

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1319
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/740161488/ 3 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/740161488/?random=1686105015107&cv=11&fst=1686105015107&bg=ffffff&guid=ON&async=1&gtm=45be3650&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&hn=www.googleadservices.com&frm=0&tiba=ATFX%20Client%20Portal&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=79774147.1686105013&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-740161488&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1319
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

results.txt
wkrndbfyk35vszd75o3q-plr8qq-8c40c7222-clientnsv4-s.akamaihd.net/eum/ Frame E0A6
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=plr8qqjtf
https://wkrndbfyk35vszd75o3q-plr8qq-8c40c7222-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
394 B

63ms
6ms

XHR
text/plain

184.86.251.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://wkrndbfyk35vszd75o3q-plr8qq-8c40c7222-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 184.86.251.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-90.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 02:30:15 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: ak_p; desc="1686105015212_3092568154_54352990_8_296_5_15_-";dur=1
Content-Length: 8

Redirect headers

Location: https://wkrndbfyk35vszd75o3q-plr8qq-8c40c7222-clientnsv4-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Wed, 07 Jun 2023 02:30:15 GMT
Server: AkamaiGHost
Connection: keep-alive
Server-Timing: ak_p; desc="1686105015143_3092568153_24170051_8_290_5_21_-";dur=1
Content-Length: 0

GET
H/1.1

200
OK

results.txt
fiaazgbakcqaokqce3yapaaaabsh725x-plr8qq-bf20b1f2c-clienttons-s.akamaihd.net/eum/ Frame E0A6
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=plr8qqjtf
https://fiaazgbakcqaokqce3yapaaaabsh725x-plr8qq-bf20b1f2c-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

112ms
6ms

XHR
text/plain

2a02:26f0:780::5f65:366a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaazgbakcqaokqce3yapaaaabsh725x-plr8qq-bf20b1f2c-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a02:26f0:780::5f65:366a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 02:30:15 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaazgbakcqaokqce3yapaaaabsh725x-plr8qq-bf20b1f2c-clienttons-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Wed, 07 Jun 2023 02:30:15 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/725330305/ 42 B
64 B 25ms
25ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/725330305/?random=1686105015089&cv=11&fst=1686103200000&bg=ffffff&guid=ON&async=1&gtm=45be3650&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&frm=0&tiba=ATFX%20Client%20Portal&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4242201547&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/725330305/ 42 B
64 B 27ms
27ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/725330305/?random=1686105015089&cv=11&fst=1686103200000&bg=ffffff&guid=ON&async=1&gtm=45be3650&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&frm=0&tiba=ATFX%20Client%20Portal&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4242201547&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/740161488/ 42 B
64 B 25ms
25ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/740161488/?random=1686105015107&cv=11&fst=1686103200000&bg=ffffff&guid=ON&async=1&gtm=45be3650&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&frm=0&tiba=ATFX%20Client%20Portal&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2164152484&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/740161488/ 42 B
64 B 27ms
27ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/740161488/?random=1686105015107&cv=11&fst=1686103200000&bg=ffffff&guid=ON&async=1&gtm=45be3650&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&frm=0&tiba=ATFX%20Client%20Portal&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2164152484&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST collect
region1.analytics.google.com/g/ 0
0

POST 0
bat.bing.com/actionp/ 0
0

GET hm.gif
hm.baidu.com/ 0
0

GET
H2 200 vendors-app.45c3aedd.css
login-gm.atfx.com/css/ 85 KB
18 KB 214ms
213ms Stylesheet
text/css 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/css/vendors-app.45c3aedd.css

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

f5c0bc154ef72cd3195f9435f64a82bcc65d8eb2d4c9fd8eeecd8d02a94f3bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-15509"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=152, origin; dur=35, ak_p; desc="468362_388391874_1192942857_19399_8501_5_0";dur=1
accept-ranges: bytes
content-length: 17532
expires: Wed, 07 Jun 2023 02:30:15 GMT

GET
H2 200 app.833382a1.css
login-gm.atfx.com/css/ 67 KB
11 KB 209ms
209ms Stylesheet
text/css 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/css/app.833382a1.css

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

f424a2dfd1456a1be85612e8ac4841a6e8ec7bdda8c85a667d57c2264b1b22c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-10b87"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=161, origin; dur=32, ak_p; desc="468362_388391874_1192942858_19242_7770_5_0";dur=1
accept-ranges: bytes
content-length: 11141
expires: Wed, 07 Jun 2023 02:30:15 GMT

GET
H2 200 logo_zh-hant.png
login-gm.atfx.com/static/img/ 4 KB
4 KB 207ms
201ms Image
image/png 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-gm.atfx.com/static/img/logo_zh-hant.png

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

f2e329624a41e2cd7ef13d83dedde07666fb2c3741a6e925ca18219d3991a2ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-e02"
content-type: image/png
cache-control: private, max-age=0
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=151, origin; dur=33, ak_p; desc="468362_388391874_1192942909_18412_7176_5_0";dur=1
accept-ranges: bytes
content-length: 3586
expires: Wed, 07 Jun 2023 02:30:15 GMT

GET
H2 200 indexLanuge.js Show response
login-gm.atfx.com/ 2 KB
851 B 208ms
202ms Script
application/javascript 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/indexLanuge.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

fa85956f083369c2cf8d7fdba0260d79a0a2a35830968af43bcf822ad2baa01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-958"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 2
server-timing: cdn-cache; desc=MISS, edge; dur=180, origin; dur=5, ak_p; desc="468362_388391874_1192942910_18530_7110_5_0";dur=1
accept-ranges: bytes
content-length: 515

GET
H2 200 recur-livechat.js Show response
master.d10i7a7v1hjb2v.amplifyapp.com/ 758 KB
194 KB 222ms
216ms Script
application/javascript 108.138.17.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://master.d10i7a7v1hjb2v.amplifyapp.com/recur-livechat.js
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-71.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71114d4a0acef5dc678ec7fa21bc8cfc718d9ef0f4b2d7edb234ec2be1d14950

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:16 GMT
content-encoding: gzip
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
last-modified: Tue, 06 Jun 2023 05:12:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
x-amz-server-side-encryption: AES256
etag: W/"1419dd78a68a5268a5b6af642aaf3b12"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: ltHXAfG2ClT2LeahpVUPN7OibpKBQDmj4BCCa661NAGm0I3aKhLYFg==

GET
H2 200 chunk.crypto-js.1628d69e.js Show response
login-gm.atfx.com/js/ 99 KB
29 KB 208ms
208ms Script
application/javascript 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.crypto-js.1628d69e.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

55146e4beb0d1e16fe104092ed8cb7bc92aa167b2d1227cfca6316b0636ef7df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-18b4e"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=MISS, edge; dur=182, origin; dur=3, ak_p; desc="468362_388391874_1192942897_18465_7347_6_0";dur=1
accept-ranges: bytes
content-length: 29625

GET
H2 200 chunk.core-js.2599a40e.js Show response
login-gm.atfx.com/js/ 87 KB
29 KB 223ms
223ms Script
application/javascript 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.core-js.2599a40e.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

1fa2f27d40e61b6b580c05e34d446093c5dd809d7803c4ef68ef05524e23ec3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-15ca1"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=MISS, edge; dur=175, origin; dur=3, ak_p; desc="468362_388391874_1192942899_17788_6677_5_0";dur=1
accept-ranges: bytes
content-length: 29663

GET
H2 200 chunk.element-ui.0e281e8e.js Show response
login-gm.atfx.com/js/ 732 KB
188 KB 451ms
447ms Script
application/javascript 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.element-ui.0e281e8e.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

71f7d3fb2b44ecf533f28489b280466f9691baa330d1d873ed27827eff9bb1cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:16 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-b7048"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=MISS, edge; dur=197, origin; dur=2, ak_p; desc="468362_388391874_1192942902_19835_6869_8_0";dur=1
accept-ranges: bytes

GET
H2 200 chunk.vue.4a1c49a7.js Show response
login-gm.atfx.com/js/ 75 KB
28 KB 1162ms
1155ms Script
application/javascript 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.vue.4a1c49a7.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

20580f9af5de5e2264d9fb10273224b492d5d22b140a1523ba3912ac1e9ab88a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:16 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-12c24"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=MISS, edge; dur=744, origin; dur=2, ak_p; desc="468362_388391874_1192942904_74560_8497_6_0";dur=1
accept-ranges: bytes
content-length: 28044

GET
H2 200 chunk.lodash.d442509e.js Show response
login-gm.atfx.com/js/ 68 KB
25 KB 288ms
281ms Script
application/javascript 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.lodash.d442509e.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

873470d56849b263e38c96bf51b0b884c98d959387de7f9e0134a79cfbb3e7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-10f4e"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=MISS, edge; dur=180, origin; dur=6, ak_p; desc="468362_388391874_1192942905_18622_8207_6_0";dur=1
accept-ranges: bytes
content-length: 25112

GET
H2 200 chunk.oidc-client.8f078270.js Show response
login-gm.atfx.com/js/ 273 KB
71 KB 974ms
968ms Script
application/javascript 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/chunk.oidc-client.8f078270.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

a5a107b924ba9dd5b041f5a96e1b996ed9cecdfbceffea0b702872cc6b0cd121

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:16 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-445a1"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 3
server-timing: cdn-cache; desc=MISS, edge; dur=178, origin; dur=7, ak_p; desc="468362_388391874_1192942906_18501_7223_6_0";dur=1
accept-ranges: bytes

GET
H2 200 vendors-app.4feb1201.js Show response
login-gm.atfx.com/js/ 880 KB
274 KB 433ms
426ms Script
application/javascript 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/vendors-app.4feb1201.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

e043716e507228dbdee87f50ef596329d8db47b05ef058b3bcc7d78c2b750a60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-dbece"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=MISS, edge; dur=180, origin; dur=1, ak_p; desc="468362_388391874_1192942907_18131_7217_11_0";dur=1
accept-ranges: bytes

GET
H2 200 app.2c3c16a2.js Show response
login-gm.atfx.com/js/ 2 MB
621 KB 219ms
213ms Script
application/javascript 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/app.2c3c16a2.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

94e5ad05707bc87496527b4ff5d043e762ecd18b892bb479f41b21fb7a371163

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-27c6d1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=152, origin; dur=36, ak_p; desc="468362_388391874_1192942908_18777_7975_6_0";dur=1
accept-ranges: bytes
expires: Wed, 07 Jun 2023 02:30:15 GMT

GET
H2 200 index.css
login-gm.atfx.com/static/css/theme/ 0
78 KB 232ms
227ms Other
text/css 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/static/css/theme/index.css

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-100566"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=151, origin; dur=36, ak_p; desc="468362_388391874_1192942912_18718_8250_6_0";dur=1
accept-ranges: bytes
expires: Wed, 07 Jun 2023 02:30:15 GMT

GET
H2 200 index.css
login-gm.atfx.com/static/css/theme/ 1 MB
78 KB 231ms
225ms Stylesheet
text/css 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/static/css/theme/index.css

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

50818b353993b1de002262d888a52d217099c01b7496cb69d2693ed52d8c33cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-100566"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=151, origin; dur=33, ak_p; desc="468362_388391874_1192942911_18401_8336_6_0";dur=1
accept-ranges: bytes
expires: Wed, 07 Jun 2023 02:30:15 GMT

GET
H2 200 V2UHH-T34F7-YEC6S-FU52F-HJLLF Show response
s.go-mpulse.net/boomerang/ Frame 4F3C 202 KB
51 KB 8ms
7ms Script
application/javascript 2a02:26f0:3100:782::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/V2UHH-T34F7-YEC6S-FU52F-HJLLF
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3100:782::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: br
last-modified: Mon, 29 May 2023 06:22:26 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 373 KB
103 KB 52ms
48ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5803cab79d69f154f7c549e47f71e51bb2b62a56bf5c56a4261c5a2e503d7a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105256
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 345ms
340ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?61ac16100c228c043039c8a2ba9e8829

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

9d43b7e8ca98fcf8057b304069e7dfd864be2cd265c4d8d98a0ae05d84913681

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 02:30:15 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 42abe8e92a3f00d028d8313f12ba8f9f
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11265

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 467ms
356ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?f6a7ea91aaa56510db1faa27ec9e41c1

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

77a0e24d51fa7c28a539ca2fc51bcc129814f43ee6fbfa9c17c71334b907e0ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 02:30:15 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: f5632a265bda9e8f71deb6747a9c0c25
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11256

GET
H2 200 launch-9724699d2dd6.min.js Show response
assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/ 149 KB
47 KB 12ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/launch-9724699d2dd6.min.js
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8654f41cf749de34db3784398fd4d8f70932e741bf4643a50c800702e68dde53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: gzip
last-modified: Thu, 23 Mar 2023 06:57:46 GMT
server: AkamaiNetStorage
etag: "a7fb199efceeecc1130b6b26d43b97c0:1679554666.491009"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login-gm.atfx.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 48068
expires: Wed, 07 Jun 2023 03:30:15 GMT

GET
H2 200 Muli-Regular.c9c98d2b.woff
login-gm.atfx.com/fonts/ 50 KB
50 KB 212ms
207ms Font
font/woff 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/fonts/Muli-Regular.c9c98d2b.woff

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/css/app.833382a1.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

73d390d4a7b9b8b5d1fd8efee66f3cd6487282b44322af02e933ad1bdb5eadaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://login-gm.atfx.com/css/app.833382a1.css
Origin: https://login-gm.atfx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-c7f8"
content-type: font/woff
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=152, origin; dur=37, ak_p; desc="468362_388391874_1192942903_18839_8497_5_0";dur=1
accept-ranges: bytes
content-length: 51192
expires: Wed, 07 Jun 2023 02:30:15 GMT

GET
H2 200 new_logo.webp
login-gm.atfx.com/static/img/ 4 KB
4 KB 211ms
208ms Image
image/webp 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-gm.atfx.com/static/img/new_logo.webp

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

ab8d6fa3589d2aaf852aaff25ef9ba685ee97708b5e9b38968bb29b936da48b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-f94"
content-type: image/webp
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=MISS, edge; dur=180, origin; dur=3, ak_p; desc="468362_388391874_1192942913_19022_7166_5_0";dur=1
accept-ranges: bytes
content-length: 3988

GET
H2 200 loading.webm
login-gm.atfx.com/static/img/ 2 KB
3 KB 571ms
569ms Image
video/webm 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-gm.atfx.com/static/img/loading.webm

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

b4b36f862fae672a6d926130bebeb95c5cedc5eab58e9ebb7d940a6e5014d9d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:16 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-9e8"
content-type: video/webm
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=MISS, edge; dur=548, origin; dur=3, ak_p; desc="468362_388391874_1192942914_55127_8156_6_0";dur=1
accept-ranges: bytes
content-length: 2536

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 4F3C 1010 B
887 B 55ms
55ms XHR
application/json 2a02:26f0:3400:19e::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=V2UHH-T34F7-YEC6S-FU52F-HJLLF&d=login-gm.atfx.com&t=5620350&v=1.632.0&if=&sl=0&si=0kufp4k83yvo-rvv2yd&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=619580
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/V2UHH-T34F7-YEC6S-FU52F-HJLLF
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3400:19e::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b26b56d37a968f9965085c9e62b8a737395302722cfb45bb82231e82a04e9483

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 02:30:15 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 567

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/launch-9724699d2dd6.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12384
expires: Wed, 07 Jun 2023 03:30:15 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 3 KB
2 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/launch-9724699d2dd6.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1598
expires: Wed, 07 Jun 2023 03:30:15 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 51 KB
20 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Jun 2023 00:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6888
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 07 Jun 2023 02:35:27 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/819544204/ 3 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819544204/?random=1686105015660&cv=11&fst=1686105015660&bg=ffffff&guid=ON&async=1&gtm=45He3650&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&hn=www.googleadservices.com&frm=0&tiba=ATFX%20Client%20Portal&auid=79774147.1686105013&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8949a378d2e19b947d06307f992965a28789cddc9ab5e369364f45e8724eb33d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CNCzjtSOsP8CFdqZ_QcdtWwCdw;src=10352767;type=homevist;cat=atfxc0;ord=727876669019;gtm=45He3650;auiddc=79774147.1686105013;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%... Show response
10352767.fls.doubleclick.net/ Frame 925D
Redirect Chain

https://10352767.fls.doubleclick.net/activityi;src=10352767;type=homevist;cat=atfxc0;ord=727876669019;gtm=45He3650;auiddc=79774147.1686105013;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=htt...
https://10352767.fls.doubleclick.net/activityi;dc_pre=CNCzjtSOsP8CFdqZ_QcdtWwCdw;src=10352767;type=homevist;cat=atfxc0;ord=727876669019;gtm=45He3650;auiddc=79774147.1686105013;uaa=;uab=;uafvl=;uam=...

448 B
278 B

28ms
28ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10352767.fls.doubleclick.net/activityi;dc_pre=CNCzjtSOsP8CFdqZ_QcdtWwCdw;src=10352767;type=homevist;cat=atfxc0;ord=727876669019;gtm=45He3650;auiddc=79774147.1686105013;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

45b4f497fce8b74d7b1ee23c9566cb454e0dd529cda0d6c0d34edf04a67f2650

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login-gm.atfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 255
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 02:30:15 GMT
expires: Wed, 07 Jun 2023 02:30:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 02:30:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10352767.fls.doubleclick.net/activityi;dc_pre=CNCzjtSOsP8CFdqZ_QcdtWwCdw;src=10352767;type=homevist;cat=atfxc0;ord=727876669019;gtm=45He3650;auiddc=79774147.1686105013;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 30ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 07 Jun 2023 02:30:15 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3F0B581FB1204A8FAEB07A608B421320 Ref B: FRAEDGE2016 Ref C: 2023-06-07T02:30:15Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:780::210:ca7a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:ca7a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=9193
server-timing: ak_p; desc="1686105015678_34654838_79834535_10_831_6_0_146";dur=1
accept-ranges: bytes
content-length: 4777

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 7ms
7ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230040-FRA

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
27 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0caf64bbe8954fe9c2166955ec4e1842b2f0780fb0cbb76ed7d60ea0dc59dddd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Jun 2023 02:30:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27549
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: FKzfbZ9uYXaDmZ6pbX0e7i7EZSy1TCkiQA6prkUxtoAz6xT8SpDCBH9igKUfpjdEQbLG7EkQJgJ8fX6KhmCsMA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 6693213.js Show response
js.hs-scripts.com/ 2 KB
643 B 17ms
17ms Script
application/javascript 2606:4700::6812:873b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/6693213.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:873b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cda4277caf6079956b18ee0f2aa90c2796e4347d763067cd2ed8de520c406b2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: br
cf-cache-status: HIT
x-hubspot-correlation-id: c87bfafc-b136-4098-b413-a609aad1c11c
x-evy-trace-route-service-name: envoyset-translator
cf-polished: origSize=1977
age: 2
x-envoy-upstream-service-time: 5
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 854e431b-77f5-4af1-be1c-4e27707f5e29
cf-bgj: minify
last-modified: Wed, 07 Jun 2023 02:30:13 GMT
server: cloudflare
x-trace: 2B51CE5074AEC0ACEABBDC80E2B27A464DC6F2A04B000000000000000000
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://login-gm.atfx.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-t5ghn
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 7d3578dc0c89bb50-FRA
expires: Wed, 07 Jun 2023 02:31:15 GMT

GET
H2 200 p.js Show response
my.rtmark.net/ 697 B
1 KB 19ms
19ms Script
text/javascript 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/p.js?f=sync&lr=1&partner=74e2657408ebf1142593e1f582b1d7f20f72d502de7f3cc5704748e1aa962fba

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

10ab237d847c442817c877542e4db7ee1be867bba46b692ef9832204fcad62ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 697

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/UVYGNOCARNBIDOW25C5BBP/ 82 KB
24 KB 10ms
10ms Script
text/javascript 2600:9000:225e:5600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/UVYGNOCARNBIDOW25C5BBP/roundtrip.js
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:5600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 949abd2f5e780babc38b670945a790f4b63db231e1f9bf16fe4c0a93ebd0f9f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

X-Amz-Version-Id: zOD_pxvNGqAY02e64qMNrJ75dN63N9gd
Content-Encoding: gzip
Via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
Date: Wed, 07 Jun 2023 02:04:25 GMT
Age: 1551
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 24 May 2023 12:00:34 GMT
Server: AmazonS3
Etag: W/"b796b5b8a94b544b442768b28390c52c"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 1BKEoESlJHPR3i_jC9eklxX25QscPpWLTHEvQoxfhU_TofwB0jERMQ==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 114ms
113ms Script
application/javascript 23.36.162.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8UO16TOAEBOBK55C9FG&lib=ttq
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.201 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-201.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fa9d4ee8e5cb2ad409566d9ee46c56ee55e09d99477b7d5ddc2b276b078ec4cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-akamai-request-id: 447788fe.1424abd2
date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-206-213-201.deploy.akamaitechnologies.com (AkamaiGHost/11.1.1-48600985) (-)
x-parent-response-time: 97,23.206.213.201
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=10, inner; dur=3, ak_p; desc="1686105015686_399431113_337947602_10196_3968_10_0_146";dur=1
content-length: 1464
pragma: no-cache
server: nginx
x-tt-logid: 20230607023015B5D35CD723C4EB5D0455
x-cache-remote: TCP_MISS from a23-39-229-5.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48589741) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,23.39.229.5
x-tt-trace-host: 0165e47387a63d2aa752b09d3ce4dcb185847d34675100246cd51be00c8a1f30a1b9397d948b64b6935fb07fd48933c2b43524ec8734f675d9097b75b43e178cb599a63feb82dfd9b063fe1e5e8b21b88948a028be9d8dd9796084e8c36829e2b959897351d0918fd65b9f1c6358e219af
expires: Wed, 07 Jun 2023 02:30:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
82 KB 29ms
27ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6Y793BN4BT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4498782043c677ba7f77c52787b58f5842d4a2ed283a0b8ece350945afc257b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83635
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Jun 2023 02:30:15 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1686105015687&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1686105015687&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&e_ipv6=AQIlV2HHG8xHmAAAAYiTsMW_j8sDelaGt2VN6Hyox1nHEHfhgOuamZo8wklXUvO73zW...

0
143 B

118ms
118ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1686105015687&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&e_ipv6=AQIlV2HHG8xHmAAAAYiTsMW_j8sDelaGt2VN6Hyox1nHEHfhgOuamZo8wklXUvO73zWY81bNsvvCtQ
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B8B5A97C87BF44018F5B444A77D64D83 Ref B: FRAEDGE2022 Ref C: 2023-06-07T02:30:15Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX9gOqGdU1VrHydYHtmhg==

Redirect headers

date: Wed, 07 Jun 2023 02:30:15 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 3D4F1BFAEB2A4EB5947FCE54698B7B18 Ref B: FRAEDGE1815 Ref C: 2023-06-07T02:30:15Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3690196&time=1686105015687&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&e_ipv6=AQIlV2HHG8xHmAAAAYiTsMW_j8sDelaGt2VN6Hyox1nHEHfhgOuamZo8wklXUvO73zWY81bNsvvCtQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX9gOqEW+zQ8WsFQlrzoA==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2034782496&t=pageview&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QCCAiAABBAAAAAAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&z=869369102

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28057
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
117 B 119ms
118ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=3fe91a0f-e0e5-464e-aee6-6adc676e4bce&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=312a622d-8ea0-4d85-9762-375d1d057c5d&tw_document_href=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7h61&type=javascript&version=2.3.29

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-response-time: 111
date: Wed, 07 Jun 2023 02:30:15 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 4e5693e7950e9d63
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 2b9432c365493be8ce282066e4ce46019a04577ac16c70fa539a9e695fb9a778
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
116 B 113ms
112ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=3fe91a0f-e0e5-464e-aee6-6adc676e4bce&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=312a622d-8ea0-4d85-9762-375d1d057c5d&tw_document_href=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7h61&type=javascript&version=2.3.29

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-response-time: 105
date: Wed, 07 Jun 2023 02:30:15 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e0202f2f1dc4b771
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 193b06cc43b3bb74be65f00d70a7ae76790f55231178486bf6e9ce6022779e59
content-length: 43

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Jun 2023 02:30:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: QuyqBxBqliP2dohhYHJfpqmtbyyYfZ/rFMuOF9BJdMCQfOXlZlVDxV5pUpDXy2LqnN+pcnjf1UEgj7Qqr9OGfQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 661389801117388 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/661389801117388?v=2.9.106&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

51f916a7ffad2661310fe751c0ddbaa2d26cd4d343f17e9c07aaf84fbe37b988

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Jun 2023 02:30:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110057
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: uk7vQUaGRsXwW5brj6qrpe98Z4vTmfuKCgu1Jy0WJEeNuE4wLvmh9KZVxPFZkYK69GZX+yaDaaIT62r4py5UWA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/819544204/ 42 B
64 B 24ms
24ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/819544204/?random=1686105015660&cv=11&fst=1686103200000&bg=ffffff&guid=ON&async=1&gtm=45He3650&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&frm=0&tiba=ATFX%20Client%20Portal&fmt=3&is_vtc=1&random=3274775754&rmt_tld=0&ipr=y

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/819544204/ 42 B
64 B 26ms
26ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/819544204/?random=1686105015660&cv=11&fst=1686103200000&bg=ffffff&guid=ON&async=1&gtm=45He3650&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&frm=0&tiba=ATFX%20Client%20Portal&fmt=3&is_vtc=1&random=3274775754&rmt_tld=1&ipr=y

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 545 KB
87 KB 25ms
24ms Script
application/javascript 2606:4700::6811:836e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6693213.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:836e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53c6e25ad853b5a6ad922795465a0e178c87af06b8a7ab3bde53b7b6939902c8

Request headers

Referer: https://login-gm.atfx.com/
Origin: https://login-gm.atfx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-encoding: br
age: 2
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1213/bundle/main/lead-flows-release.js&cfRay=7d3578cddd6e2bd5-IAD
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"e0a28490756bd60883ddd702b459f472"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1213/bundle/main/lead-flows-release.js
date: Wed, 07 Jun 2023 02:30:15 GMT
x-amz-version-id: 8pz0uDcBGYlrsmWQyDnHbF47HkG8cM.I
via: 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 20
x-evy-trace-route-configuration: listener_https/all
x-request-id: 9a3a55ec-e16d-4441-8c2c-8ae2b8cd435b
last-modified: Tue, 06 Jun 2023 12:07:08 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-xjmf2
cf-ray: 7d3578dc2ced2bd5-FRA
x-amz-cf-id: LSnHCFzcubf3yNYeUQ5xiyhJPOHspGnXrWof1cqRGUkNM8b44QC3rg==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 14ms
13ms Script
application/javascript 2606:4700::6810:77be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6693213.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:77be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eed334d1c96abd8c03aacf86a2a30fb9d391290f27e49b0fa456a7af8f1a1bf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
x-amz-version-id: wXOaVt.1FYp5SJSGbufdokAhWgyD7J.j
via: 1.1 9dc566ff42777d2cad8483451738f334.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 281
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.381/bundles/pixels-release.js&cfRay=7d3571fd9d7118ff-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5b589f90-2641-4c11-bd9b-c80b78699a0e
last-modified: Mon, 05 Jun 2023 12:31:29 UTC
server: cloudflare
etag: W/"3907b3424cd18a581148905ead09299a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-cxzff
cf-ray: 7d3578dc2cd618b5-FRA
x-amz-cf-id: _i65oolBDz0yWa7ViqFjYqUph48PXqLkNDfM_8ZGnx37emU1TkAWDA==
x-hs-target-asset: adsscriptloaderstatic/static-1.381/bundles/pixels-release.js

GET
H2 200 6693213.js Show response
js.hs-analytics.net/analytics/1686105000000/ 66 KB
20 KB 16ms
16ms Script
text/javascript 2606:4700::6810:8bce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1686105000000/6693213.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6693213.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db6cfa7c4b954daab528d2355a6345f5fc29882ec3c43258b65acbfcaef7018c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 6Q9QVGNRAJW4QPAY
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
age: 2
x-envoy-upstream-service-time: 20
x-amz-id-2: bYEHnm9Uynn0REwNTCZDbOWaz/4AlhJEUewGePg1AuSgaLNDuCPmXpCbMK9ndxWBoSS2xyoqdeuipA39MzEmxQ==
x-evy-trace-listener: listener_https
x-request-id: afc95ce2-7555-46cc-a818-5ca28fb18c8d
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 31 May 2023 19:00:31 GMT
server: cloudflare
etag: W/"dee84013963a4c44bd4ff605bf9133ce"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-2sbs7
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7d3578dc2ca1bb50-FRA
expires: Wed, 07 Jun 2023 02:35:13 GMT

GET
H2 200 6693213.js Show response
js.hs-banner.com/ 92 KB
19 KB 15ms
15ms Script
text/javascript 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/6693213.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6693213.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c87e705ddf71a11d4a023947e775c362a2cd177e8e931fd6db466083642a070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
x-amz-version-id: YwruBsPLEEgqD7Gpzuc6HmQuGZsm8Ilo
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 3ENH5E0ZTQ2445XJ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
age: 2
x-envoy-upstream-service-time: 66
x-amz-id-2: jp0DgIoijDPuaP8F5qjbmvWSya2RIp2egqjzGEKY08Ndg44vxFFvkCjct7n6WXAECbaPagli+Xc=
x-evy-trace-listener: listener_https
x-request-id: d6bde9e3-3086-440c-bcaf-c141fc51bf96
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 09 May 2023 12:57:20 GMT
server: cloudflare
etag: W/"c23057edec58c0718dc0b4aecea8b385"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://lp.atcapital.group
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6b7cfc8cf5-5smp8
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7d3578dc2c5b6909-FRA
expires: Wed, 07 Jun 2023 02:35:13 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/UVYGNOCARNBIDOW25C5BBP/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

9ms
8ms

Script
application/javascript

2600:9000:225e:5600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login
Protocol: HTTP/1.1
Server: 2600:9000:225e:5600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

X-Amz-Version-Id: KLTaAvzmAP.1_rS.URSLlTS3u46mZQHP
Date: Tue, 06 Jun 2023 23:12:25 GMT
Via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
Age: 41267
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Tue, 21 Mar 2023 16:39:30 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: JI0_xxak6pulwWfjYbi1CTfbYiqhcHH34asd_IUjjaIK90hc7NLIfA==

Redirect headers

Date: Tue, 06 Jun 2023 03:32:10 GMT
Via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
Age: 82685
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: uMBzuT2BLvfMn9zBtqdi_Qcq0ATA2mN7WKZPfFdCITIv05eq4rj-qQ==

GET
H2 204 56384898.js Show response
bat.bing.com/p/action/ 0
116 B 116ms
115ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56384898.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 07 Jun 2023 02:30:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F240542C33AE4C8EB4DD9236416202F0 Ref B: FRAEDGE2016 Ref C: 2023-06-07T02:30:15Z
x-cache: CONFIG_NOCACHE

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 249 KB
84 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-RB6RNN86NX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Y793BN4BT&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb5000a4838f89ecb7dc733a9d5374ab4b390f6633958651c01a15438415fc1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86417
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Jun 2023 02:30:15 GMT

GET
H2 200 dc_pre=CNCzjtSOsP8CFdqZ_QcdtWwCdw;src=10352767;type=homevist;cat=atfxc0;ord=727876669019;gtm=45He3650;auiddc=*;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Flogin-gm.atfx.com%2F...
adservice.google.com/ddm/fls/z/ Frame 925D 42 B
107 B 53ms
52ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNCzjtSOsP8CFdqZ_QcdtWwCdw;src=10352767;type=homevist;cat=atfxc0;ord=727876669019;gtm=45He3650;auiddc=*;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin

Requested by

Host: 10352767.fls.doubleclick.net
URL: https://10352767.fls.doubleclick.net/activityi;dc_pre=CNCzjtSOsP8CFdqZ_QcdtWwCdw;src=10352767;type=homevist;cat=atfxc0;ord=727876669019;gtm=45He3650;auiddc=79774147.1686105013;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10352767.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 19ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6Y793BN4BT&gtm=45je3650&_p=2034782496&cid=1866878897.1686105013&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686105013&sct=1&seg=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&dr=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&dt=ATFX%20Client%20Portal&en=page_view
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Y793BN4BT&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 12ms
12ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=661389801117388&ev=PageView&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&rl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&if=false&ts=1686105015770&sw=1600&sh=1200&v=2.9.106&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1686105013206.526572441&cs_est=true&it=1686105015698&coo=false&tm=1&rqm=GET

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 07 Jun 2023 02:30:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 12ms
12ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=661389801117388&ev=PageView&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&rl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&if=false&ts=1686105015771&sw=1600&sh=1200&v=2.9.106&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1686105013206.526572441&cs_est=true&it=1686105015698&coo=false&rqm=GET

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 07 Jun 2023 02:30:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 17ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RB6RNN86NX&gtm=45je3650&_p=2034782496&cid=1866878897.1686105013&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686105013&sct=1&seg=0&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&dr=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&dt=ATFX%20Client%20Portal&en=Page%20view%3A%20https%3A%2F%2Flogin-gm.atfx.com%2Flogin
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-RB6RNN86NX&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UVYGNOCARNBIDOW25C5BBP Show response
d.adroll.com/consent/check/ 463 B
555 B 36ms
36ms Script
application/javascript 2a05:d018:cc3:fe05:fc57:13d8:b65e:4717
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/UVYGNOCARNBIDOW25C5BBP?pv=63018815418.40373&arrfrr=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&_s=13e141163b556014158e17c1b2b3c2ba&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/UVYGNOCARNBIDOW25C5BBP/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:fc57:13d8:b65e:4717 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 68741643aebbdaa90f9848b1624532a9db78d0ac7c6e43c82be0472dbbad7e6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:15 GMT
server: nginx/1.22.1
content-length: 463
content-type: application/javascript

GET
H2 200 main.MTY0NTk0YzcxMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 242 KB
67 KB 11ms
11ms Script
application/javascript 23.36.162.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTY0NTk0YzcxMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8UO16TOAEBOBK55C9FG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.201 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-201.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b3a955ac158e9fbedea40a6d9494a44669dee5d1bbb18895e1b211244f8f16e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-akamai-request-id: 1424ae7e
date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202305301212301649B63B7F5E8C52C35A
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-206-213-201.deploy.akamaitechnologies.com (AkamaiGHost/11.1.1-48600985) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 018420d296c332dba42327a288eae70e9d8e7be1e931e1caaf501da74061080c6188d4ba62e45816f473723997195e309d9ea7c0b4df2e29c6316da799447a43019d4f40183279de40f4c33d5976448ddbea361e46adc80e6a47b51848c2de9af8
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3, ak_p; desc="1686105015899_399431113_337948286_13_4602_8_0_146";dur=1
content-length: 67857

GET
H2 200 identify_738b3.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 26ms
26ms Script
application/javascript 23.36.162.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_738b3.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTY0NTk0YzcxMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.201 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-201.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-akamai-request-id: 1424af4d
date: Wed, 07 Jun 2023 02:30:15 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023050811401936014E6C38504B8E8219
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-206-213-201.deploy.akamaitechnologies.com (AkamaiGHost/11.1.1-48600985) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 015fb7dce8dadf5a93dcabfd51c321b5600dadd98570b95cd65cfafb383d8532b0b07262e8f5f0b9ce6b6f719de676a4618d4ffb438b314a969cc517e8a874442f2f7240b3f0754e4eabdbaa6bbe9580783ac88379f7566ee8271063741587a925
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=3, ak_p; desc="1686105015949_399431113_337948493_331_4269_5_0_146";dur=1
content-length: 30819

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
757 B 160ms
160ms Ping
text/plain 23.36.162.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTY0NTk0YzcxMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.201 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-201.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5067eb21.1424af4e
date: Wed, 07 Jun 2023 02:30:16 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-206-213-201.deploy.akamaitechnologies.com (AkamaiGHost/11.1.1-48600985) (-)
x-parent-response-time: 137,23.206.213.201
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=48, inner; dur=37, ak_p; desc="1686105015949_399431113_337948494_15284_2309_6_0_109";dur=1
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023060702301546C668AEEFA1F5303158
x-cache-remote: TCP_MISS from a23-39-229-6.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48589741) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 49,23.39.229.6
x-tt-trace-host: 0165e47387a63d2aa752b09d3ce4dcb185847d34675100246cd51be00c8a1f30a1cf4a4a419143a3b3656b508ea8d9a4a5b1bc376a62e2e96f33806bcdc61b9af363404ced3eb58b80df1403208c03f2da62b1704d0cc9a3eefce30bb43d658046fbf35112dc835459d4f364e649e51d9b
expires: Wed, 07 Jun 2023 02:30:16 GMT

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 18ms
18ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&partner=74e2657408ebf1142593e1f582b1d7f20f72d502de7f3cc5704748e1aa962fba&ttl=&rurl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:16 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 340ms
339ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?hca=7C7C2C0CDAEC9A52&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=985%2C985&et=3&ja=0&ln=en-us&lo=0&rnd=1220381743&si=f6a7ea91aaa56510db1faa27ec9e41c1&v=1.3.0&lv=1&sn=20534&r=0&ww=1600&u=https%3A%2F%2Flogin-gm.atfx.com%2Flogin

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 02:30:16 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 340ms
340ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&lt=1686105014&rnd=1459875548&si=f6a7ea91aaa56510db1faa27ec9e41c1&su=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&v=1.3.0&lv=2&sn=20536&r=0&ww=1600&u=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&tt=ATFX%20Client%20Portal

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 02:30:16 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 330ms
329ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?hca=001B70300E14B307&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=990%2C990&et=3&ja=0&ln=en-us&lo=0&rnd=1848963112&si=61ac16100c228c043039c8a2ba9e8829&v=1.3.0&lv=1&sn=20534&r=0&ww=1600&u=https%3A%2F%2Flogin-gm.atfx.com%2Flogin

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 02:30:16 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 322ms
321ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&lt=1686105014&rnd=1269242312&si=61ac16100c228c043039c8a2ba9e8829&su=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&v=1.3.0&lv=2&sn=20536&r=0&ww=1600&u=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&tt=ATFX%20Client%20Portal

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 02:30:16 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 18ms
18ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-152401985-5&cid=1866878897.1686105013&jid=1070207656&gjid=2007181263&_gid=1242778450.1686105013&_u=SCCAiAABBAAAAEAAI~&z=604390873

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Jun 2023 02:30:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
12ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2034782496&t=event&ni=0&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=1second&ea=1second&el=1second&ev=1&_u=SCCAiAABBAAAAAAAI~&jid=1070207656&gjid=2007181263&cid=1866878897.1686105013&tid=UA-152401985-5&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&z=1533084468

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28058
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
12ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2034782496&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=onsite%20events&ea=geolocation&el=DE&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&cd8=DE&z=911035209

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28058
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conf Show response
at-client-portal-api.atfx.com/setting/ 56 B
450 B 255ms
215ms XHR
application/json 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://at-client-portal-api.atfx.com/setting/conf?data=3D21YIvbpxtQuMbhInjUHag80a4d9QBAtOtuaR64S4rpoaS3rzVtM1a8BJu30LAYUqXP5ZiJTu5rpd%2F6yJy4XfrzsGS%2BfNEOPDc%2BUkDrfqg%3D

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/js/vendors-app.4feb1201.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy / Express

Resource Hash

0b7a11c4d34830d32ee191d8cd4b01a886a59e4fa9065f0ef61bcbc5f42e5ea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:17 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
server: istio-envoy
x-powered-by: Express
etag: W/"38-WlNLrsWdqPqv4ntTFfWeRARZ9WU"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 15
server-timing: cdn-cache; desc=MISS, edge; dur=187, origin; dur=17, ak_p; desc="468362_388391874_1192943078_20334_5738_5_0";dur=1
content-length: 56
expires: Wed, 07 Jun 2023 02:30:17 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 169 B
567 B 117ms
117ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=6693213

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e9866bb713a4194b11734cf3a728872a90b22d2a68d8f2d16abf9fe65b82d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 92199190-cfbf-4b13-bacc-f9f23fd37a9b
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2248524e-735f-4c8e-9f9d-971b3fb088f9
server: cloudflare
x-trace: 2B3250AFDC0C9718528A7E91CC204729209E657780000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://login-gm.atfx.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-fj87l
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZMs9Zc1ROuKhjvFerlcjDwdPC9QfcPmdA2EnEsSMTc7wjvW4MlAR9nZvGEa58b5iIdZ1nvKTC7Xysnw8uXyHqdjqTbSr7%2B0rvq8veG9IruCANmU0%2BdnJ%2FuL1dDIbxG0JT9VpPpVQptpnZU6"}],"group":"cf-nel","max_age":604800}
cf-ray: 7d3578e3386903b8-FRA
access-control-allow-headers: *

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
12ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2034782496&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=onsite%20events&ea=setting%20entity&el=setting%20entity&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&cd3=CY&cd8=DE&z=1334817125

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28058
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
119 B 32ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56384898&tm=gtm002&Ver=2&mid=3e2c9f93-166e-4e47-8340-747ac0e60db7&sid=3c27160004db11ee8336393521615bdb&vid=3c27139004db11ee976c45f4d660a6ce&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=ATFX%20Client%20Portal&p=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&r=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&lt=1754&evt=pageLoad&sv=1&rn=147189

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 07 Jun 2023 02:30:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9E27C0BE3123451AAB46A154D5278FA1 Ref B: FRAEDGE2016 Ref C: 2023-06-07T02:30:16Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
459 B 135ms
134ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=78086756&v=1.1&a=6693213&r=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&pu=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&t=ATFX+Client+Portal&cts=1686105016876&vi=f957f298445d281e28f09802b064ba9f&nc=false&u=195689843.f957f298445d281e28f09802b064ba9f.1686105014895.1686105014895.1686105014895.1&b=195689843.2.1686105014896&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 202efedb-d426-49a4-a361-8df053492ac4
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5fe39849-af6d-4838-9197-7d1c1f9177d4
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcl6gtv2t7kbAGHBSKrYNlaN68PjaR4v3xwArJr6ks8JBAhfVemcx8sldyMs3RgZTia50PX7j2%2BGoDY6etrHvCdIHCq8%2FWfo7SQTDk5VevOnClNmL%2FfygM4X51zO5YGjqMUT110scvmP1XsMI1wW"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-wnd65
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7d3578e38feb900a-FRA
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 220 B
788 B 139ms
138ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=6693213&utk=f957f298445d281e28f09802b064ba9f&__hstc=195689843.f957f298445d281e28f09802b064ba9f.1686105014895.1686105014895.1686105014895.1&__hssc=195689843.2.1686105014896&referrer=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&currentUrl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c66f182643947513d3148fae509b983f1a6d160602f18375c2e354496920976c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ea850602-0510-461b-993d-99b12758a8fd
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 20
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1a094fd3-086b-4ec0-8fc3-a66aba0daf04
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://login-gm.atfx.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPxW6h8WrHzwIuj2vRm83nsx%2Br%2FZXqDWhVK3i4x2dqqAmgN0JbcP3itF4Ry3A9KZCH9%2BvH090666G9qT6Tw7PnCCuoLuFpZDGA452d1u2XWWfYxmWvygTMAHqIpoE%2BoGxCOnSdDnI0OfBUm1w%2Fhp"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7d3578e3bb9130cc-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-c6p2z

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
12ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2034782496&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2010%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ev=0&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&cd3=CY&cd8=DE&z=553098895

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28058
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
12ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2034782496&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2020%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ev=0&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&cd3=CY&cd8=DE&z=50985357

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28058
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
13ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2034782496&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2030%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ev=0&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&cd3=CY&cd8=DE&z=1734589709

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28058
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
13ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2034782496&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2040%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ev=0&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&cd3=CY&cd8=DE&z=1372178905

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28058
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
13ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2034782496&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2050%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ev=0&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&cd3=CY&cd8=DE&z=71065925

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28058
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
14ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2034782496&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2060%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ev=0&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&cd3=CY&cd8=DE&z=1968189054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28058
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
14ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2034782496&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2070%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ev=0&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&cd3=CY&cd8=DE&z=346617078

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28058
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2034782496&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2080%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ev=0&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&cd3=CY&cd8=DE&z=1313771288

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28058
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2034782496&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%2090%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ev=0&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&cd3=CY&cd8=DE&z=324783310

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28058
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2034782496&t=event&ni=1&_s=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ul=en-us&de=UTF-8&dt=ATFX%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%3A%20100%25&ea=login-gm.atfx.com&el=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ev=0&_u=SCCAiAABBAAAAEAAI~&jid=&gjid=&cid=1866878897.1686105013&tid=UA-152401985-1&_gid=1242778450.1686105013&gtm=45He3650n81W5P72GF&cd3=CY&cd8=DE&z=1571936686

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jun 2023 18:42:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28058
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 139 KB
53 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-725330305

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46886a4be83650a436e7b59a28a5dc38f14dd70bcdacf99c52cf8f404cb56ed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54465
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 01:19:19 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Jun 2023 02:30:16 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 139 KB
53 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-725330305&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9cbdfcd12542129f6933e79ce950b8ae45adf8264e6695af01ccb941915a6010

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54481
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 01:19:19 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Jun 2023 02:30:16 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 184 KB
67 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-740161488&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5P72GF&gtm_auth=NEPQibSTQd2E5JAsDQjUcw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a9a7f9c4b463c2f5438daf8c20c306f77d0b672ad2500dc21edd61bb030593f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68832
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 01:19:19 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Jun 2023 02:30:16 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/725330305/ 3 KB
1 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/725330305/?random=1686105017002&cv=11&fst=1686105017002&bg=ffffff&guid=ON&async=1&gtm=45be3650&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&hn=www.googleadservices.com&frm=0&tiba=ATFX%20Client%20Portal&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=79774147.1686105013&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-725330305

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1f94f9fd2ff80922b2e75620bb600750b55d53ac29d34b8805938ded43982bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1322
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/740161488/ 3 KB
1 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/740161488/?random=1686105017023&cv=11&fst=1686105017023&bg=ffffff&guid=ON&async=1&gtm=45be3650&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&hn=www.googleadservices.com&frm=0&tiba=ATFX%20Client%20Portal&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=79774147.1686105013&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-740161488&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1c204b2744f95175375be9118d365239b64516232ba73b816ab75a422c7af4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1322
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/725330305/ 42 B
64 B 26ms
25ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/725330305/?random=1686105017002&cv=11&fst=1686103200000&bg=ffffff&guid=ON&async=1&gtm=45be3650&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&frm=0&tiba=ATFX%20Client%20Portal&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1905213641&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/725330305/ 42 B
64 B 26ms
26ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/725330305/?random=1686105017002&cv=11&fst=1686103200000&bg=ffffff&guid=ON&async=1&gtm=45be3650&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&frm=0&tiba=ATFX%20Client%20Portal&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1905213641&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/740161488/ 42 B
64 B 26ms
26ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/740161488/?random=1686105017023&cv=11&fst=1686103200000&bg=ffffff&guid=ON&async=1&gtm=45be3650&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&frm=0&tiba=ATFX%20Client%20Portal&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3141843161&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/740161488/ 42 B
64 B 25ms
25ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/740161488/?random=1686105017023&cv=11&fst=1686103200000&bg=ffffff&guid=ON&async=1&gtm=45be3650&u_w=1600&u_h=1200&url=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&ref=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&frm=0&tiba=ATFX%20Client%20Portal&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3141843161&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 login.5b7a2b0f.css
login-gm.atfx.com/css/ 12 KB
2 KB 254ms
254ms Stylesheet
text/css 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/css/login.5b7a2b0f.css

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/js/app.2c3c16a2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

a1fd19c0b4c72031989a7fbf09e2b6bf6b7a277404a2359b3c448116d6609f57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:17 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-31f1"
vary: Accept-Encoding
content-type: text/css
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=205, origin; dur=34, ak_p; desc="468362_388391874_1192943116_23958_7549_5_0";dur=1
accept-ranges: bytes
content-length: 2146
expires: Wed, 07 Jun 2023 02:30:17 GMT

GET
H2 200 login.867f510a.js Show response
login-gm.atfx.com/js/ 57 KB
20 KB 215ms
214ms Script
application/javascript 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/js/login.867f510a.js

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/js/app.2c3c16a2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

52b72c5410917f399dcdb3d827537f9d42650653cc4c7b94463b52c4fac779b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:17 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-e57c"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 4
server-timing: cdn-cache; desc=MISS, edge; dur=181, origin; dur=7, ak_p; desc="468362_388391874_1192943117_18832_6273_6_0";dur=1
accept-ranges: bytes
content-length: 20421

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=661389801117388&ev=Microdata&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&rl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&if=false&ts=1686105017271&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22ATFX%20Client%20Portal%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.106&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1686105013206.526572441&it=1686105015698&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 07 Jun 2023 02:30:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1ba151abd6ddb624f5b4e4fb16ca70e0c8a62ee14ee6cc20faecd204294e44d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a27f8cdfadb27e079737c2dfd65d27f6ff3beb4e6f298e279db7a2c77d28df7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo.8ef051a1.png
login-gm.atfx.com/img/ 13 KB
14 KB 244ms
244ms Image
image/png 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-gm.atfx.com/img/logo.8ef051a1.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

e4b8de3da086bc3422b20ab60526ec883ca9c82946a66fd7381543a80a03011b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:17 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-3590"
content-type: image/png
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=196, origin; dur=34, ak_p; desc="468362_388391874_1192943156_23033_7318_5_0";dur=1
accept-ranges: bytes
content-length: 13712
expires: Wed, 07 Jun 2023 02:30:17 GMT

GET
H2 200 login-backimg.716badf0.png
login-gm.atfx.com/img/ 435 KB
437 KB 215ms
215ms Image
image/png 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login-gm.atfx.com/img/login-backimg.716badf0.png

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/css/login.5b7a2b0f.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

4bbf0a19df51ceb44a9cd2941b522d5fbdf541d993a53784b26813056ac9a4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/css/login.5b7a2b0f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:17 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-6cd1e"
content-type: image/png
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=162, origin; dur=33, ak_p; desc="468362_388391874_1192943161_19489_7066_5_0";dur=1
accept-ranges: bytes
content-length: 445726
expires: Wed, 07 Jun 2023 02:30:17 GMT

GET
H2 200 Muli-Bold.8c9b662f.woff
login-gm.atfx.com/fonts/ 50 KB
51 KB 217ms
216ms Font
font/woff 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/fonts/Muli-Bold.8c9b662f.woff

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/css/app.833382a1.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

8abb15b350f4961e50cc878fae03a44f5afab6d58d329bf7959edd6a225687e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://login-gm.atfx.com/css/app.833382a1.css
Origin: https://login-gm.atfx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:17 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-c890"
content-type: font/woff
cache-control: private, max-age=0
x-envoy-upstream-service-time: 0
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=163, origin; dur=35, ak_p; desc="468362_388391874_1192943162_19859_7083_5_0";dur=1
accept-ranges: bytes
content-length: 51344
expires: Wed, 07 Jun 2023 02:30:17 GMT

GET
H2 200 la-solid-900.36fc2979.woff2
login-gm.atfx.com/fonts/ 94 KB
95 KB 207ms
206ms Font
font/woff2 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/fonts/la-solid-900.36fc2979.woff2

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/css/vendors-app.45c3aedd.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://login-gm.atfx.com/css/vendors-app.45c3aedd.css
Origin: https://login-gm.atfx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:17 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-179f0"
content-type: font/woff2
cache-control: private, max-age=0
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=156, origin; dur=32, ak_p; desc="468362_388391874_1192943163_18825_7078_5_0";dur=1
accept-ranges: bytes
content-length: 96752
expires: Wed, 07 Jun 2023 02:30:17 GMT

GET
H2 200 element-icons.woff
login-gm.atfx.com/static/css/theme/fonts/ 6 KB
6 KB 215ms
214ms Font
font/woff 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/static/css/theme/fonts/element-icons.woff

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/static/css/theme/index.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

d810d62c27c55c915feaca97af37fac9580073e4c1482b7f1665912d74627ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://login-gm.atfx.com/static/css/theme/index.css
Origin: https://login-gm.atfx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:17 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-1814"
content-type: font/woff
cache-control: private, max-age=0
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=163, origin; dur=34, ak_p; desc="468362_388391874_1192943164_19692_6988_5_0";dur=1
accept-ranges: bytes
content-length: 6164
expires: Wed, 07 Jun 2023 02:30:17 GMT

GET
H2 200 la-regular-400.88d9d941.woff2
login-gm.atfx.com/fonts/ 13 KB
13 KB 247ms
247ms Font
font/woff2 2a02:26f0:480:23::1726:6282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://login-gm.atfx.com/fonts/la-regular-400.88d9d941.woff2

Requested by

Host: login-gm.atfx.com
URL: https://login-gm.atfx.com/css/vendors-app.45c3aedd.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy /

Resource Hash

51ca2c00a3e30945e52227147fed9e296dde03af3c4d7589e8e95ca5740037db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://login-gm.atfx.com/css/vendors-app.45c3aedd.css
Origin: https://login-gm.atfx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:17 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Jun 2023 02:16:44 GMT
server: istio-envoy
etag: "647fe88c-3264"
content-type: font/woff2
cache-control: private, max-age=0
x-envoy-upstream-service-time: 1
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=196, origin; dur=33, ak_p; desc="468362_388391874_1192943165_22899_7056_5_0";dur=1
accept-ranges: bytes
content-length: 12900
expires: Wed, 07 Jun 2023 02:30:17 GMT

POST
H2 204 /
684dd326.akstat.io/ 0
203 B 46ms
45ms Ping
image/gif 2a02:26f0:3100:782::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd326.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/V2UHH-T34F7-YEC6S-FU52F-HJLLF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:3100:782::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:17 GMT
content-type: image/gif
access-control-allow-origin: https://login-gm.atfx.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Wed, 07 Jun 2023 02:30:17 GMT

GET
H2 200 s09104894489186
metrics.atfx-china.com/b/ss/atsolution-prd/1/JS-2.23.0-LDQM/ 43 B
372 B 1059ms
20ms Image
image/gif 63.140.62.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.atfx-china.com/b/ss/atsolution-prd/1/JS-2.23.0-LDQM/s09104894489186?AQB=1&ndh=1&pf=1&t=7%2F5%2F2023%202%3A30%3A17%203%200&mid=84279486097511902232337868329503185393&aamlh=6&ce=UTF-8&pageName=%2Flogin&g=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&r=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&c.&apl=4.0&.c&cc=USD&server=login-gm.atfx.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v3=login&c6=production&c8=atfx%202.0&c9=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&c10=true&v11=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&v12=en&v20=gm&v33=atfx%202.0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=F64735DD5CF122370A495FCD%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.160 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-160.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 08 Jun 2023 02:30:18 GMT
server: jag
etag: 3620882956852756480-4619656313286328940
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 06 Jun 2023 02:30:18 GMT

OPTIONS
H2 200 get-live-chat-config
prod.api.recur-omni.io/live-chat-model/ Frame 0
0 889ms
270ms Preflight
application/json 18.136.3.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.api.recur-omni.io/live-chat-model/get-live-chat-config
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.136.3.90 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-3-90.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client-session
Access-Control-Request-Method: POST
Origin: https://login-gm.atfx.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Client-Session, Authorization, Content-Type
access-control-allow-methods: OPTIONS,POST,GET
access-control-allow-origin: https://login-gm.atfx.com
content-length: 0
content-type: application/json
date: Wed, 07 Jun 2023 02:30:20 GMT
x-amz-apigw-id: GIHFcFHSSQ0Foyg=
x-amzn-requestid: 1990e3c1-5f1b-48b9-88fe-1df645a0a067
x-amzn-trace-id: Root=1-647febbc-2eacea041004ed5207c3f5f9;Sampled=0;lineage=58f13a6e:0

GET
H2 200 launch-9724699d2dd6.min.js Show response
assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/ 149 KB
47 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a5e3125ce4c4/3aa995ce2689/launch-9724699d2dd6.min.js
Requested by: Host: master.d10i7a7v1hjb2v.amplifyapp.com
URL: https://master.d10i7a7v1hjb2v.amplifyapp.com/recur-livechat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8654f41cf749de34db3784398fd4d8f70932e741bf4643a50c800702e68dde53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 02:30:19 GMT
content-encoding: gzip
last-modified: Thu, 23 Mar 2023 06:57:46 GMT
server: AkamaiNetStorage
etag: "a7fb199efceeecc1130b6b26d43b97c0:1679554666.491009"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login-gm.atfx.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 48068
expires: Wed, 07 Jun 2023 03:30:19 GMT

POST
H2 200 get-live-chat-config Show response
prod.api.recur-omni.io/live-chat-model/ 5 KB
5 KB 850ms
338ms XHR
application/json 18.136.3.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.api.recur-omni.io/live-chat-model/get-live-chat-config
Requested by: Host: master.d10i7a7v1hjb2v.amplifyapp.com
URL: https://master.d10i7a7v1hjb2v.amplifyapp.com/recur-livechat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.136.3.90 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-3-90.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 80850b9197772575319ba9d5c024dc110de332f3701813c359bcdf3918dfcb8a

Request headers

Accept: */*
Client-Session: lXTZKqXwLP9CWhJtLqQcbSrHXPrhT35Dm0bRGWc0n4LxXcEVAY1enrOhjmcSoMEW_iYtd7FBtYkBURBiF4z59rl4ViAHWvQMp9IZL3R2jH7Zux4ND9KIN8XGYw89WOw0x
Referer: https://login-gm.atfx.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Jun 2023 02:30:21 GMT
x-amzn-requestid: 1638dde8-a2e3-459a-a070-7b42914d92d1
x-amzn-trace-id: Root=1-647febbc-5540dc91690606ae3c09f42f;Sampled=0;lineage=58f13a6e:0
access-control-allow-methods: OPTIONS,POST,GET
content-type: application/json
access-control-allow-origin: https://login-gm.atfx.com
access-control-allow-credentials: true
x-amz-apigw-id: GIHFkGvByQ0FcTA=
content-length: 4811
access-control-allow-headers: Client-Session, Authorization, Content-Type

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 16ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6Y793BN4BT&gtm=45je3650&_p=2034782496&cid=1866878897.1686105013&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1686105013&sct=1&seg=1&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&dr=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&dt=ATFX%20Client%20Portal&en=scroll&epn.percent_scrolled=90&_et=15
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Y793BN4BT&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 17ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RB6RNN86NX&gtm=45je3650&_p=2034782496&cid=1866878897.1686105013&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAE&_s=2&sid=1686105013&sct=1&seg=0&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&dr=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&dt=ATFX%20Client%20Portal&en=scroll&epn.percent_scrolled=90&_et=19
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-RB6RNN86NX&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login-gm.atfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 02:30:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login-gm.atfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6Y793BN4BT&gtm=45je3650&_p=2102382511&cid=1866878897.1686105013&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1686105013&sct=1&seg=0&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&dt=ATFX%20Client%20Portal&en=scroll&epn.percent_scrolled=90&_et=16

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6Y793BN4BT&gtm=45je3650&_p=2102382511&gdid=dZTQ1Zm&cid=1866878897.1686105013&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1686105013&sct=1&seg=0&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&dt=ATFX%20Client%20Portal&en=user_engagement&_et=2224

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RB6RNN86NX&gtm=45je3650&_p=2102382511&cid=1866878897.1686105013&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAE&_s=2&sid=1686105013&sct=1&seg=0&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&dt=ATFX%20Client%20Portal&en=scroll&epn.percent_scrolled=90&_et=78

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RB6RNN86NX&gtm=45je3650&_p=2102382511&gdid=dZTQ1Zm&cid=1866878897.1686105013&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1686105013&sct=1&seg=0&dl=https%3A%2F%2Flogin-gm.atfx.com%2Flogin&dt=ATFX%20Client%20Portal&en=user_engagement&_et=2038

Domain: bat.bing.com
URL: https://bat.bing.com/actionp/0?ti=56384898&tm=gtm002&Ver=2&mid=fd2c4a85-6b5e-4957-b23e-0e2f33680564&sid=3c27160004db11ee8336393521615bdb&vid=3c27139004db11ee976c45f4d660a6ce&vids=1&msclkid=N&evt=pageHide

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.gif?hca=001B70300E14B307&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=990%2C990&et=3&ja=0&ln=en-us&lo=0&rnd=1848963112&si=61ac16100c228c043039c8a2ba9e8829&v=1.3.0&lv=1&sn=20534&r=0&ww=1600&u=https%3A%2F%2Flogin-gm.atfx.com%2Flogin

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.gif?hca=7C7C2C0CDAEC9A52&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=985%2C985&et=3&ja=0&ln=en-us&lo=0&rnd=1220381743&si=f6a7ea91aaa56510db1faa27ec9e41c1&v=1.3.0&lv=1&sn=20534&r=0&ww=1600&u=https%3A%2F%2Flogin-gm.atfx.com%2Flogin

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.atfx.com/	1970-01-20 14:31:21	Name: _gcl_au Value: 1.1.79774147.1686105013
.demdex.net/	1970-01-20 16:40:57	Name: demdex Value: 89622069259229794542947597123747880256
.atfx.com/	1969-12-31 23:59:59	Name: AMCVS_F64735DD5CF122370A495FCD%40AdobeOrg Value: 1
.atfx.com/	1970-01-20 12:23:11	Name: _gid Value: GA1.2.1242778450.1686105013
.atfx.com/	1970-01-20 12:21:45	Name: _dc_gtm_UA-152401985-1 Value: 1
.doubleclick.net/	1970-01-20 21:43:21	Name: IDE Value: AHWqTUlRTCOvK0UTrdnuzSrB1VWjn_OuzoDrgvwiJsTHFgkv9T1bBo5QB2zp_BmfJLM
login-gm.atfx.com/	1970-01-20 12:23:11	Name: ln_or Value: eyIzNjkwMTk2IjoiZCJ9
.t.co/	1970-01-20 21:57:45	Name: muc_ads Value: 41c4ad4b-96e6-4a3a-857a-080874070561
.twitter.com/	1970-01-20 21:57:45	Name: personalization_id Value: "v1_pNy88GUXYLYYgB23qGEB9g=="
.everesttech.net/	1970-01-20 21:07:21	Name: everest_g_v2 Value: g_surferid~ZH-rtQAAABs7zQNn
.tiktok.com/	1970-01-20 21:43:21	Name: _ttp Value: 2QrHvuFDWe1XDqhTNS7oOsbNjKp
.atfx.com/	1970-01-20 14:31:21	Name: _fbp Value: fb.1.1686105013206.526572441
.linkedin.com/	1970-01-20 14:31:21	Name: li_sugr Value: aa7e872d-5324-4494-b2a5-f5491c55fc39
.linkedin.com/	1970-01-20 21:07:21	Name: bcookie Value: "v=2&53baa9df-5b0d-4784-8757-ef161594a9ad"
.linkedin.com/	1970-01-20 12:23:11	Name: lidc Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2653:u=1:x=1:i=1686105013:t=1686191413:v=2:sig=AQE8ZiRnpQC6cPiURGocCOZIN0H2xQWF"
.dpm.demdex.net/	1970-01-20 16:40:57	Name: dpm Value: 89622069259229794542947597123747880256
.atfx.com/	1970-01-20 21:57:45	Name: AMCV_F64735DD5CF122370A495FCD%40AdobeOrg Value: 179643557%7CMCIDTS%7C19516%7CMCMID%7C84279486097511902232337868329503185393%7CMCAAMLH-1686709812%7C6%7CMCAAMB-1686709812%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1686112213s%7CNONE%7CMCSYNCSOP%7C411-19523%7CvVersion%7C5.5.0
.atfx.com/	1970-01-20 21:43:21	Name: _tt_enable_cookie Value: 1
.atfx.com/	1970-01-20 21:43:21	Name: _ttp Value: KooUK4xN1AOpcVkOiY7kgX7HoDh
.linkedin.com/	1970-01-20 13:04:57	Name: UserMatchHistory Value: AQI_gDUvj38fqgAAAYiTsLxjI2Jt4XRIxfWgiAQjEINCtJIV6LWa7utXBf4nL0ldhk-7fvQq8w_sGw
.linkedin.com/	1970-01-20 13:04:57	Name: AnalyticsSyncHistory Value: AQLmeEkCP8Ut-wAAAYiTsLxjQQdxU9FzyL6KLTEPoNd-jCon-2IW9x7PxKBj8LCFvgF-Mv3_giGagWseHsIydA
.www.linkedin.com/	1970-01-20 21:07:21	Name: bscookie Value: "v=1&20230607023013f356f8ea-cef0-4411-8e4a-733c9e38a99cAQEFlCt9EqM17NnNUhnu759lBZMldeGf"
.linkedin.com/	1970-01-20 16:40:57	Name: li_gc Value: MTswOzE2ODYxMDUwMTM7MjswMjHi/JT6CH/yvfcrXn6s6RVaKfjvZvZFQQPe8ElgER6iSQ==
.casalemedia.com/	1970-01-20 21:07:21	Name: CMID Value: ZH-rtYzFa6-CxWlX1.pQ8gAA
.casalemedia.com/	1970-01-20 14:31:21	Name: CMPS Value: 3209
.casalemedia.com/	1970-01-20 14:31:21	Name: CMPRO Value: 3209
.adnxs.com/	1970-01-20 14:31:21	Name: uuid2 Value: 2618622685724593867
.adnxs.com/	1970-01-20 14:31:21	Name: anj Value: dTM7k!M4.FErk#WF']wIg2IlgmBhPy!]tbPl1MwL(!R7qUY%ioHKezzYWJWd_%FCFCd8)fqn1i0<QG=%9sk?bIRwi:w9Ld1ss0t@17Mco/y@Yw#tu%M++5-p
hm.baidu.com/	1970-01-20 21:07:21	Name: HMTK Value: 1
.hm.baidu.com/	1970-01-20 21:57:45	Name: HMACCOUNT_BFESS Value: 7C7C2C0CDAEC9A52
my.rtmark.net/	1970-01-20 21:07:21	Name: ID Value: 0286d3ce5176483c85f8774b4b4385e8
.pubmatic.com/	1970-01-20 14:31:21	Name: KRTBCOOKIE_218 Value: 4056-ZH-rtQAAABs7zQNn&KRTB&22978-ZH-rtQAAABs7zQNn&KRTB&23194-ZH-rtQAAABs7zQNn&KRTB&23209-ZH-rtQAAABs7zQNn
.pubmatic.com/	1970-01-20 13:04:57	Name: PugT Value: 1686105012
.demdex.net/	1970-01-20 16:40:57	Name: dextp Value: 144230-1-1686105013292\|144231-1-1686105013392\|144232-1-1686105013495\|144233-1-1686105013664\|144234-1-1686105013765\|144235-1-1686105013865\|144236-1-1686105013966\|144237-1-1686105014067
.spotxchange.com/	1970-01-20 13:02:04	Name: audience Value: 3bb41ec8-04db-11ee-bb70-1e588e900106
.login-gm.atfx.com/	1970-01-20 21:07:21	Name: Hm_lvt_61ac16100c228c043039c8a2ba9e8829 Value: 1686105014
.atfx.com/	1970-01-20 21:07:21	Name: Hm_lvt_f6a7ea91aaa56510db1faa27ec9e41c1 Value: 1686105014
.bing.com/	1970-01-20 21:43:21	Name: MUID Value: 38BB7CD488CD6D442E9C6FFD891F6CD2
.atfx.com/	1970-01-20 16:40:57	Name: __hstc Value: 195689843.f957f298445d281e28f09802b064ba9f.1686105014895.1686105014895.1686105014895.1
.atfx.com/	1970-01-20 16:40:57	Name: hubspotutk Value: f957f298445d281e28f09802b064ba9f
.atfx.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.hubspot.com/	1970-01-20 12:21:46	Name: __cf_bm Value: 8UPCYaaHLvZ2J1ifc1pVKlftNRN64U9VmysT2lJot2k-1686105015-0-AYznGNjc7NmpQX8ldNiU3h6zmYdF8HjK9b3dWsKYf93lNDOqgEc7+SkQ0LvEtvef/QTDhrC8gh4npr4ztwK0FB4=
.atfx.com/	1970-01-20 12:31:49	Name: RT Value: "z=1&dm=atfx.com&si=0kufp4k83yvo&ss=lil3e2ba&sl=0&tt=0"
.atfx.com/	1970-01-20 21:57:45	Name: _ga_6Y793BN4BT Value: GS1.1.1686105013.1.1.1686105015.58.0.0
.atfx.com/	1970-01-20 21:57:45	Name: _ga_RB6RNN86NX Value: GS1.1.1686105013.1.0.1686105015.58.0.0
.atfx.com/	1969-12-31 23:59:59	Name: Hm_lpvt_f6a7ea91aaa56510db1faa27ec9e41c1 Value: 1686105016
.login-gm.atfx.com/	1969-12-31 23:59:59	Name: Hm_lpvt_61ac16100c228c043039c8a2ba9e8829 Value: 1686105016
.atfx.com/	1970-01-20 21:57:45	Name: _ga Value: GA1.2.1866878897.1686105013
.atfx.com/	1970-01-20 12:23:11	Name: _uetsid Value: 3c27160004db11ee8336393521615bdb
.atfx.com/	1970-01-20 21:43:21	Name: _uetvid Value: 3c27139004db11ee976c45f4d660a6ce
.atfx.com/	1970-01-20 12:21:46	Name: __hssc Value: 195689843.2.1686105014896
.atfx.com/	1969-12-31 23:59:59	Name: s_cc Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10352767.fls.doubleclick.net
684dd326.akstat.io
adservice.google.com
analytics.tiktok.com
analytics.twitter.com
api.hubapi.com
assets.adobedtm.com
at-client-portal-api.atfx.com
atsolution.demdex.net
bat.bing.com
c.go-mpulse.net
cdn.linkedin.oribi.io
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
dpm.demdex.net
dsum-sec.casalemedia.com
fiaazgbakcqaokqce3yapaaaabsh725x-plr8qq-bf20b1f2c-clienttons-s.akamaihd.net
forms.hubspot.com
googleads.g.doubleclick.net
hm.baidu.com
ib.adnxs.com
image2.pubmatic.com
ipapi.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsleadflows.net
login-gm.atfx.com
master.d10i7a7v1hjb2v.amplifyapp.com
metrics.atfx-china.com
my.rtmark.net
pixel.rubiconproject.com
prod.api.recur-omni.io
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s.adroll.com
s.go-mpulse.net
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
t.co
track.hubspot.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
us-u.openx.net
wkrndbfyk35vszd75o3q-plr8qq-8c40c7222-clientnsv4-s.akamaihd.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
bat.bing.com
hm.baidu.com
region1.analytics.google.com
103.235.46.191
104.244.42.133
104.244.42.67
108.138.17.71
13.107.42.14
139.45.195.8
142.250.186.98
142.250.74.198
146.75.116.157
151.101.194.49
18.136.3.90
184.86.251.89
184.86.251.90
185.64.189.110
185.80.39.216
185.94.180.126
2001:4860:4802:34::36
23.36.162.201
2600:9000:20eb:4a00:2:53b2:240:93a1
2600:9000:225e:5600:6:9280:1080:93a1
2606:4700:20::681a:92c
2606:4700::6810:77be
2606:4700::6810:8bce
2606:4700::6811:836e
2606:4700::6811:c9cc
2606:4700::6812:18c4
2606:4700::6812:873b
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2004
2a00:1450:400c:c0c::9c
2a02:26f0:3100:782::11a6
2a02:26f0:3400:19e::11a6
2a02:26f0:3500:591::1e80
2a02:26f0:480:23::1726:6282
2a02:26f0:780::210:ca7a
2a02:26f0:780::5f65:366a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:cc3:fe05:fc57:13d8:b65e:4717
34.98.64.218
37.252.171.149
52.51.135.19
63.140.62.160
63.34.168.218
63.35.123.106
69.173.144.165
0a3f29f71b535af51932d0d9551a46829b0e043e29eadb83c2bc3e5c849247bf
0ab42332eaf035a7fb440006705f858c4011189c7e9ef5e4ea3a088f03ad2aca
0b7a11c4d34830d32ee191d8cd4b01a886a59e4fa9065f0ef61bcbc5f42e5ea9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0caf64bbe8954fe9c2166955ec4e1842b2f0780fb0cbb76ed7d60ea0dc59dddd
10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb
10ab237d847c442817c877542e4db7ee1be867bba46b692ef9832204fcad62ac
1fa2f27d40e61b6b580c05e34d446093c5dd809d7803c4ef68ef05524e23ec3f
20580f9af5de5e2264d9fb10273224b492d5d22b140a1523ba3912ac1e9ab88a
2140a662b775211f323dc358cfc1ba7dcfa40c15c1fd03ed5515b97cabfe8022
2f59f6fe04a48849fcf8e3c73a101ae8a45d416009c49af1f151b3b4565f773e
3a9a7f9c4b463c2f5438daf8c20c306f77d0b672ad2500dc21edd61bb030593f
4498782043c677ba7f77c52787b58f5842d4a2ed283a0b8ece350945afc257b6
45b4f497fce8b74d7b1ee23c9566cb454e0dd529cda0d6c0d34edf04a67f2650
46886a4be83650a436e7b59a28a5dc38f14dd70bcdacf99c52cf8f404cb56ed9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bbf0a19df51ceb44a9cd2941b522d5fbdf541d993a53784b26813056ac9a4a5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50818b353993b1de002262d888a52d217099c01b7496cb69d2693ed52d8c33cb
51ca2c00a3e30945e52227147fed9e296dde03af3c4d7589e8e95ca5740037db
51f916a7ffad2661310fe751c0ddbaa2d26cd4d343f17e9c07aaf84fbe37b988
52b72c5410917f399dcdb3d827537f9d42650653cc4c7b94463b52c4fac779b8
53c6e25ad853b5a6ad922795465a0e178c87af06b8a7ab3bde53b7b6939902c8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55146e4beb0d1e16fe104092ed8cb7bc92aa167b2d1227cfca6316b0636ef7df
55a9332e61362115e8c871070beb3e61dd39a084d2eac3b31a0cc8e2039fb839
5803cab79d69f154f7c549e47f71e51bb2b62a56bf5c56a4261c5a2e503d7a65
5a27f8cdfadb27e079737c2dfd65d27f6ff3beb4e6f298e279db7a2c77d28df7
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
68741643aebbdaa90f9848b1624532a9db78d0ac7c6e43c82be0472dbbad7e6a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71114d4a0acef5dc678ec7fa21bc8cfc718d9ef0f4b2d7edb234ec2be1d14950
71f7d3fb2b44ecf533f28489b280466f9691baa330d1d873ed27827eff9bb1cf
73d390d4a7b9b8b5d1fd8efee66f3cd6487282b44322af02e933ad1bdb5eadaf
77a0e24d51fa7c28a539ca2fc51bcc129814f43ee6fbfa9c17c71334b907e0ee
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7bc4ab5dc1808a7700750e1356fd9c38678d0784a5d8110c20acbbf4f5531c4c
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
80850b9197772575319ba9d5c024dc110de332f3701813c359bcdf3918dfcb8a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8654f41cf749de34db3784398fd4d8f70932e741bf4643a50c800702e68dde53
873470d56849b263e38c96bf51b0b884c98d959387de7f9e0134a79cfbb3e7fb
8949a378d2e19b947d06307f992965a28789cddc9ab5e369364f45e8724eb33d
8abb15b350f4961e50cc878fae03a44f5afab6d58d329bf7959edd6a225687e2
949abd2f5e780babc38b670945a790f4b63db231e1f9bf16fe4c0a93ebd0f9f0
94e5ad05707bc87496527b4ff5d043e762ecd18b892bb479f41b21fb7a371163
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
99e9866bb713a4194b11734cf3a728872a90b22d2a68d8f2d16abf9fe65b82d4
9b3a955ac158e9fbedea40a6d9494a44669dee5d1bbb18895e1b211244f8f16e
9b497ed3770f75d41af74b9a37ca2694cb2ea0833453f4ff3938b7c1b3349bb0
9c87e705ddf71a11d4a023947e775c362a2cd177e8e931fd6db466083642a070
9cbdfcd12542129f6933e79ce950b8ae45adf8264e6695af01ccb941915a6010
9d43b7e8ca98fcf8057b304069e7dfd864be2cd265c4d8d98a0ae05d84913681
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a1fd19c0b4c72031989a7fbf09e2b6bf6b7a277404a2359b3c448116d6609f57
a5a107b924ba9dd5b041f5a96e1b996ed9cecdfbceffea0b702872cc6b0cd121
ab8d6fa3589d2aaf852aaff25ef9ba685ee97708b5e9b38968bb29b936da48b7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adb45dd9bb40f47072c9d7ebaacb5f513d3810955b3a9f1c9d349820dbe53fc5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ba151abd6ddb624f5b4e4fb16ca70e0c8a62ee14ee6cc20faecd204294e44d
b1c204b2744f95175375be9118d365239b64516232ba73b816ab75a422c7af4d
b26b56d37a968f9965085c9e62b8a737395302722cfb45bb82231e82a04e9483
b4b36f862fae672a6d926130bebeb95c5cedc5eab58e9ebb7d940a6e5014d9d5
bb5000a4838f89ecb7dc733a9d5374ab4b390f6633958651c01a15438415fc1e
bd26ce17afaa987151c617fe40f8411f575bd1acd4f28c79d58070d3f19ec0ae
c1f94f9fd2ff80922b2e75620bb600750b55d53ac29d34b8805938ded43982bc
c26e89768f29c63d6ed9c786b9e5179b667734725ad29f1be9a718e9d3e44290
c66f182643947513d3148fae509b983f1a6d160602f18375c2e354496920976c
cda4277caf6079956b18ee0f2aa90c2796e4347d763067cd2ed8de520c406b2b
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d810d62c27c55c915feaca97af37fac9580073e4c1482b7f1665912d74627ac1
db6cfa7c4b954daab528d2355a6345f5fc29882ec3c43258b65acbfcaef7018c
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e043716e507228dbdee87f50ef596329d8db47b05ef058b3bcc7d78c2b750a60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b8de3da086bc3422b20ab60526ec883ca9c82946a66fd7381543a80a03011b
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ea3fd554240521d17c87ca13315aeebccceec12e59ccb102417af6a3bddae81d
eed334d1c96abd8c03aacf86a2a30fb9d391290f27e49b0fa456a7af8f1a1bf8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1bcded6bf53e1b255ca9a22b0df6609a6d3dce5ab63706a4af1ef562f86e5a
f2e329624a41e2cd7ef13d83dedde07666fb2c3741a6e925ca18219d3991a2ba
f424a2dfd1456a1be85612e8ac4841a6e8ec7bdda8c85a667d57c2264b1b22c1
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f5c0bc154ef72cd3195f9435f64a82bcc65d8eb2d4c9fd8eeecd8d02a94f3bcd
fa85956f083369c2cf8d7fdba0260d79a0a2a35830968af43bcf822ad2baa01b
fa9d4ee8e5cb2ad409566d9ee46c56ee55e09d99477b7d5ddc2b276b078ec4cb

login-gm.atfx.com Open in urlscan Pro 2a02:26f0:480:23::1726:6282 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

233 Requests

91 %HTTPS

55 %IPv6

42 Domains

58 Subdomains

50 IPs

9 Countries

6242 kBTransfer

21678 kBSize

52 Cookies

2 Outgoing links

Page URL History

Redirected requests

233 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login-gm.atfx.com Open in urlscan Pro
2a02:26f0:480:23::1726:6282 Public Scan

Screenshot
Live screenshot

Full Image

233
Requests

91 %
HTTPS

55 %
IPv6

42
Domains

58
Subdomains

50
IPs

9
Countries

6242 kB
Transfer

21678 kB
Size

52
Cookies

233 HTTP transactions
2 data transactions