urlscan.io logo urlscan.io
SecurityTrails logo

portal.gqgpartners.com Open in urlscan Pro
104.18.23.152  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://portal.gqgpartners.com/
Effective URL: https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
Submission Tags: falconsandbox
Submission: On September 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 59 HTTP transactions. The main IP is 104.18.23.152, located in and belongs to CLOUDFLARENET, US. The main domain is portal.gqgpartners.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 9th 2021. Valid for: a year.
This is the only time portal.gqgpartners.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 48 104.18.23.152 13335 (CLOUDFLAR...)
1 151.101.194.137 54113 (FASTLY)
1 162.247.243.147 13335 (CLOUDFLAR...)
1 216.58.212.170 15169 (GOOGLE)
1 142.250.185.138 15169 (GOOGLE)
2 13.225.87.101 16509 (AMAZON-02)
5 142.250.185.67 15169 (GOOGLE)
6 52.223.61.136 16509 (AMAZON-02)
59 8
48    104.18.23.152 (None, )

ASN13335 (CLOUDFLARENET, US)
portal.gqgpartners.com
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
1    216.58.212.170 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f10.1e100.net
ajax.googleapis.com
1    142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net
fonts.googleapis.com
2    13.225.87.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-101.fra2.r.cloudfront.net
cdn.matomo.cloud
5    142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net
fonts.gstatic.com
6    52.223.61.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8b6f710f441cdbc2.awsglobalaccelerator.com
investcloud.matomo.cloud
Domain Requested by
48 portal.gqgpartners.com 6 redirects portal.gqgpartners.com
6 investcloud.matomo.cloud cdn.matomo.cloud
5 fonts.gstatic.com fonts.googleapis.com
2 cdn.matomo.cloud portal.gqgpartners.com
1 fonts.googleapis.com ajax.googleapis.com
1 ajax.googleapis.com portal.gqgpartners.com
1 bam-cell.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com portal.gqgpartners.com
59 8

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-09 -
2022-09-08		 a year crt.sh
*.newrelic.com
R3		 2021-09-17 -
2021-12-16		 3 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
cdn.matomo.cloud
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.matomo.cloud
Amazon		 2021-08-20 -
2022-09-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
Frame ID: 9366A0BE0E3E4B33E6F9397A1BEECC37
Requests: 59 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign In - GQG

Page URL History Show full URLs

  1. https://portal.gqgpartners.com/ HTTP 302
    https://portal.gqgpartners.com/Membership/HomePageDefault.aspx?ReturnUrl=%2f HTTP 302
    https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Page Statistics

59
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

8
IPs

2
Countries

5061 kB
Transfer

11708 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://portal.gqgpartners.com/ HTTP 302
    https://portal.gqgpartners.com/Membership/HomePageDefault.aspx?ReturnUrl=%2f HTTP 302
    https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://portal.gqgpartners.com/iXingPages/ecdg.ashx?requesttype=dataset&v=2 HTTP 302
  • https://portal.gqgpartners.com/Membership/HomePageDefault.aspx?ReturnUrl=%2fiXingPages%2fecdg.ashx%3frequesttype%3ddataset%26v%3d2&requesttype=dataset&v=2 HTTP 302
  • https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=%2fiXingPages%2fecdg.ashx%3frequesttype%3ddataset%26v%3d2
Request Chain 45
  • https://portal.gqgpartners.com/iXingPages/ecdg.ashx?requesttype=dataset&v=2 HTTP 302
  • https://portal.gqgpartners.com/Membership/HomePageDefault.aspx?ReturnUrl=%2fiXingPages%2fecdg.ashx%3frequesttype%3ddataset%26v%3d2&requesttype=dataset&v=2 HTTP 302
  • https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=%2fiXingPages%2fecdg.ashx%3frequesttype%3ddataset%26v%3d2

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request WhiteLogin_WF_App.aspx
portal.gqgpartners.com/Membership/Apps/
Redirect Chain
  • https://portal.gqgpartners.com/
  • https://portal.gqgpartners.com/Membership/HomePageDefault.aspx?ReturnUrl=%2f
  • https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
18 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c767a83505ff67d09001b73a12919be61a077d5a7d53c1b9c739755e42ed65b3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
portal.gqgpartners.com
:scheme
https
:path
/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
ASP.NET_SessionId=llvwud1nauo3nq2ntx0fljqv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 28 Sep 2021 13:13:51 GMT
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store
pragma
no-cache
expires
-1
set-cookie
IXCulture=en-US; path=/; secure IXSBaseUtcOffset=-240; path=/; secure ASP.NET_SessionId=; expires=Tue, 28-Jan-2020 14:13:51 GMT; path=/; secure XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; path=/; secure IXTMO=1200000; path=/; secure
x-ua-compatible
IE=Edge
strict-transport-security
max-age=15552000
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
695d3b3e8eb24e08-FRA
content-encoding
gzip

Redirect headers

date
Tue, 28 Sep 2021 13:13:51 GMT
content-type
text/html; charset=utf-8
cache-control
private
location
/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
set-cookie
ASP.NET_SessionId=llvwud1nauo3nq2ntx0fljqv; path=/; secure; HttpOnly; SameSite=Lax
x-ua-compatible
IE=Edge
strict-transport-security
max-age=15552000
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
695d3b3d2c864e08-FRA
WhiteLogin.WF.App_IXFBCFF44BDDA4B4EE712BFF856C428DE0.css
portal.gqgpartners.com/styles/0420CC9EF867EFE6E223AE18E2A80798/ 		2 MB
251 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/styles/0420CC9EF867EFE6E223AE18E2A80798/WhiteLogin.WF.App_IXFBCFF44BDDA4B4EE712BFF856C428DE0.css
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bbccc0c34579b837ff6669c7a6fc8e00cf31654dd6a5998a768a702f2a9d3c5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/styles/0420CC9EF867EFE6E223AE18E2A80798/WhiteLogin.WF.App_IXFBCFF44BDDA4B4EE712BFF856C428DE0.css
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
public
last-modified
Mon, 13 Sep 2021 20:32:39 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"cfb2c47edea8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
text/css
cache-control
public, max-age=15552000
content-security-policy
frame-ancestors 'self'
cf-ray
695d3b424d9d4e08-FRA
expires
Sun, 27 Mar 2022 13:13:52 GMT
rocket-loader.min.js
portal.gqgpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 Sep 2021 15:51:34 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"6149ff86-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=172800 public
strict-transport-security
max-age=15552000
cf-ray
695d3b424d9e4e08-FRA
expires
Thu, 30 Sep 2021 13:13:51 GMT
WhiteLogin_WF_App_Generated_IXDFE8FBDA306F77E894D7DC880E10ED0D.js
portal.gqgpartners.com/scripts/jig/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/WhiteLogin_WF_App_Generated_IXDFE8FBDA306F77E894D7DC880E10ED0D.js
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da6d29261546eaf4a262551c6caf15da22dff6dbd6967b111a34117da7dbb4d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/jig/WhiteLogin_WF_App_Generated_IXDFE8FBDA306F77E894D7DC880E10ED0D.js
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
public
last-modified
Mon, 13 Sep 2021 19:58:18 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"ac7763b2d9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
public, max-age=15552000
content-security-policy
frame-ancestors 'self'
cf-ray
695d3b425dc64e08-FRA
expires
Sun, 27 Mar 2022 13:13:52 GMT
WhiteLogin_WF_App_iXing_IXA5E9AD44E1C20D05F460DAFFEC14C81C.js
portal.gqgpartners.com/scripts/jig/ 		214 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/WhiteLogin_WF_App_iXing_IXA5E9AD44E1C20D05F460DAFFEC14C81C.js
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b1d474ed44619336b6dc9fd73adaaf33d28ee60b59d6d03f7192d677ccf7469
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/jig/WhiteLogin_WF_App_iXing_IXA5E9AD44E1C20D05F460DAFFEC14C81C.js
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
public
last-modified
Mon, 13 Sep 2021 19:58:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"617ac8b1d9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
public, max-age=15552000
content-security-policy
frame-ancestors 'self'
cf-ray
695d3b425dc84e08-FRA
expires
Sun, 27 Mar 2022 13:13:52 GMT
GQGClient_iXing_IX87102F0E3BE6F3875D828EFCDE7BAFED.js
portal.gqgpartners.com/scripts/jig/ 		146 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/GQGClient_iXing_IX87102F0E3BE6F3875D828EFCDE7BAFED.js
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7526fe73cd3b3091382628817771abbd4b23fa3ee1df2e5a0c9319efb9bd23f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/jig/GQGClient_iXing_IX87102F0E3BE6F3875D828EFCDE7BAFED.js
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
public
last-modified
Mon, 13 Sep 2021 19:58:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"338dfab1d9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
public, max-age=15552000
content-security-policy
frame-ancestors 'self'
cf-ray
695d3b425dca4e08-FRA
expires
Sun, 27 Mar 2022 13:13:52 GMT
V4_Dependency_IX17ECB24ADE20F1D3767DE4C3B71EA56A.js
portal.gqgpartners.com/scripts/jig/ 		1 MB
423 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/V4_Dependency_IX17ECB24ADE20F1D3767DE4C3B71EA56A.js
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37ca7d701d3b3044f46e970dc9d5544f5804cb16b6af4632ab608fb1ac6d282b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/jig/V4_Dependency_IX17ECB24ADE20F1D3767DE4C3B71EA56A.js
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
public
last-modified
Mon, 13 Sep 2021 19:58:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"96c29bcd9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
public, max-age=15552000
content-security-policy
frame-ancestors 'self'
cf-ray
695d3b425dcb4e08-FRA
expires
Sun, 27 Mar 2022 13:13:52 GMT
V4_iXing_IX45D394822EA56221CE50EF412444D6C4.js
portal.gqgpartners.com/scripts/jig/ 		1 MB
293 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/V4_iXing_IX45D394822EA56221CE50EF412444D6C4.js
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93447585c8cc885e0aa9b1121b8546ab605d2d4049f1d959c51fc11274c85980
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/jig/V4_iXing_IX45D394822EA56221CE50EF412444D6C4.js
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
public
last-modified
Mon, 13 Sep 2021 19:58:33 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"7e64fbbd9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
public, max-age=15552000
content-security-policy
frame-ancestors 'self'
cf-ray
695d3b425dcc4e08-FRA
expires
Sun, 27 Mar 2022 13:13:52 GMT
V4_Library_IXAD3B4881DED5C4ACA1345789B84B3546.js
portal.gqgpartners.com/scripts/jig/ 		3 MB
898 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/V4_Library_IXAD3B4881DED5C4ACA1345789B84B3546.js
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fe1db43b7ee9e4d1b0cb0fe170e8cf73185428a21d7dca0c41b8b1acc1aff98
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/jig/V4_Library_IXAD3B4881DED5C4ACA1345789B84B3546.js
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
public
last-modified
Mon, 13 Sep 2021 19:58:44 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5d6ddec1d9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
public, max-age=15552000
content-security-policy
frame-ancestors 'self'
cf-ray
695d3b425dcd4e08-FRA
expires
Sun, 27 Mar 2022 13:13:52 GMT
V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
portal.gqgpartners.com/scripts/jig/ 		273 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da140156ae30adef31c54571bd38f2fbf3d97dc49d2dacba77a1bfccec22bb6d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
public
last-modified
Mon, 13 Sep 2021 19:58:25 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"c29ed9b6d9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
cache-control
public, max-age=15552000
content-security-policy
frame-ancestors 'self'
cf-ray
695d3b425dcf4e08-FRA
expires
Sun, 27 Mar 2022 13:13:52 GMT
WhiteLogin_WF_App-ApplicationMapper_IX1523DB3FFC1ED99F6066FF9292036EC2.json
portal.gqgpartners.com/scripts/jig/ 		11 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/WhiteLogin_WF_App-ApplicationMapper_IX1523DB3FFC1ED99F6066FF9292036EC2.json
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86837cfc366a61f4e287adec11b87de7c8338fb35a7b7b19619f15fb66404d9c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/jig/WhiteLogin_WF_App-ApplicationMapper_IX1523DB3FFC1ED99F6066FF9292036EC2.json
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT)
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Mon, 13 Sep 2021 19:58:14 GMT
server
cloudflare
etag
W/"26bd11b0d9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b4ddb454e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
WhiteLogin_WF_App-CommandListService_IX7FE90C2CCEDB16B61DEC42C77EC2D10C.json
portal.gqgpartners.com/scripts/jig/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/WhiteLogin_WF_App-CommandListService_IX7FE90C2CCEDB16B61DEC42C77EC2D10C.json
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33e1dd1a6671c3a716914ba7e923f8e9180d4770d794a5f0c072a1b8e2eb314c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/jig/WhiteLogin_WF_App-CommandListService_IX7FE90C2CCEDB16B61DEC42C77EC2D10C.json
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT)
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Mon, 13 Sep 2021 19:58:14 GMT
server
cloudflare
etag
W/"64e418b0d9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b4ddb464e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
WhiteLogin_WF_App-LocaleFieldFormats_IX9A7E18128E57836DBC7DDC8FA84FA891.json
portal.gqgpartners.com/scripts/jig/ 		21 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/WhiteLogin_WF_App-LocaleFieldFormats_IX9A7E18128E57836DBC7DDC8FA84FA891.json
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cae79af880ccedb0e2a61d5999890a340e2437ae4f239bb4bffaf312a1830568
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/jig/WhiteLogin_WF_App-LocaleFieldFormats_IX9A7E18128E57836DBC7DDC8FA84FA891.json
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT)
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Mon, 13 Sep 2021 19:58:14 GMT
server
cloudflare
etag
W/"2d5a2eb0d9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b4ddb474e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
WhiteLogin_WF_App-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json
portal.gqgpartners.com/scripts/jig/ 		116 B
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/WhiteLogin_WF_App-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54040ab713c1ddbe12206986776b4efd34f770c47349b0d5e5e2561afb02f175
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/jig/WhiteLogin_WF_App-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT)
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Mon, 13 Sep 2021 19:58:14 GMT
server
cloudflare
etag
W/"abb20b0d9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b4ddb484e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
WhiteLogin_WF_App-WorkFlowApplicationTree_IX44FA9E9A2D45542C33969A3632E191C8.json
portal.gqgpartners.com/scripts/jig/ 		2 KB
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/WhiteLogin_WF_App-WorkFlowApplicationTree_IX44FA9E9A2D45542C33969A3632E191C8.json
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89232facebef6bb33ae20ec0d1ed416b45c632a2c9696ccdaef59279ea23fda1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/jig/WhiteLogin_WF_App-WorkFlowApplicationTree_IX44FA9E9A2D45542C33969A3632E191C8.json
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT)
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Mon, 13 Sep 2021 19:58:14 GMT
server
cloudflare
etag
W/"72338b0d9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b4ddb4a4e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
WhiteLogin_WF_App-WorkFlow_IX009CEA1B57246829D342834A58BB7C7E.json
portal.gqgpartners.com/scripts/jig/ 		9 KB
943 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/WhiteLogin_WF_App-WorkFlow_IX009CEA1B57246829D342834A58BB7C7E.json
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
248e66796769e94fe4220dec1eabc3b69d41f523517e41b384c31cb598ef3ed6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/jig/WhiteLogin_WF_App-WorkFlow_IX009CEA1B57246829D342834A58BB7C7E.json
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT)
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Mon, 13 Sep 2021 19:58:14 GMT
server
cloudflare
etag
W/"6b8135b0d9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b4ddb4b4e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
GQGClient_IX44893DBB04AAEA8D3F121C5AE05FDD5C.json
portal.gqgpartners.com/scripts/jig/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/GQGClient_IX44893DBB04AAEA8D3F121C5AE05FDD5C.json
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dc8cf0810171659300d511f125d2b849e44d135fffe23b49f89b4da79020063
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/jig/GQGClient_IX44893DBB04AAEA8D3F121C5AE05FDD5C.json
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT)
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Mon, 13 Sep 2021 19:58:14 GMT
server
cloudflare
etag
W/"72338b0d9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b4ddb4f4e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
GQGClient-ApplicationMapper_IXC94864C1F2409DA646C27C6D5492901F.json
portal.gqgpartners.com/scripts/jig/ 		19 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/GQGClient-ApplicationMapper_IXC94864C1F2409DA646C27C6D5492901F.json
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6a04397408eca93d499ceb46b5fd3fedfffebe0afaf208b7b3818a67c5de4c6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/jig/GQGClient-ApplicationMapper_IXC94864C1F2409DA646C27C6D5492901F.json
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT)
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Mon, 13 Sep 2021 19:58:14 GMT
server
cloudflare
etag
W/"26bd11b0d9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b4ddb504e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
GQGClient-CommandListService_IX1A7929594FABB7193D7CD4FF360F0FD2.json
portal.gqgpartners.com/scripts/jig/ 		10 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/GQGClient-CommandListService_IX1A7929594FABB7193D7CD4FF360F0FD2.json
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7d46a2e655ec66d8d5a39dbf63ce8ad094bc175f3e8de4c3970a038ab20eb54
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/jig/GQGClient-CommandListService_IX1A7929594FABB7193D7CD4FF360F0FD2.json
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT)
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Mon, 13 Sep 2021 19:58:14 GMT
server
cloudflare
etag
W/"64e418b0d9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b4ddb534e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
GQGClient-LocaleFieldFormats_IX8C8C6F8369335087500E192428D07CD3.json
portal.gqgpartners.com/scripts/jig/ 		12 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/GQGClient-LocaleFieldFormats_IX8C8C6F8369335087500E192428D07CD3.json
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62fb852ef33ae06687882d7cb80a98b9fb3e6188a89df67a779682042efe0440
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/jig/GQGClient-LocaleFieldFormats_IX8C8C6F8369335087500E192428D07CD3.json
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT)
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:53 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-length
12
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 13 Sep 2021 19:58:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"2d5a2eb0d9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/json
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
cf-ray
695d3b4ddb544e08-FRA
GQGClient-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json
portal.gqgpartners.com/scripts/jig/ 		116 B
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/GQGClient-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54040ab713c1ddbe12206986776b4efd34f770c47349b0d5e5e2561afb02f175
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/jig/GQGClient-TemplateCacheDecorator_IXE8FAA38B03EECA54107B169C8A85D8A3.json
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT)
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Mon, 13 Sep 2021 19:58:14 GMT
server
cloudflare
etag
W/"abb20b0d9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b4ddb654e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
GQGClient-WorkFlowApplicationTree_IXF9866D15CF719BBE7E25A00A75258151.json
portal.gqgpartners.com/scripts/jig/ 		2 KB
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/GQGClient-WorkFlowApplicationTree_IXF9866D15CF719BBE7E25A00A75258151.json
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b380d1b79428bfeff8f65bc1533443d79a8e56835fb467174132a72d7e8599b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/jig/GQGClient-WorkFlowApplicationTree_IXF9866D15CF719BBE7E25A00A75258151.json
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT)
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Mon, 13 Sep 2021 19:58:14 GMT
server
cloudflare
etag
W/"72338b0d9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b4ddb684e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
GQGClient-WorkFlow_IX47B36723CDF3CDA912B07703A7DCE539.json
portal.gqgpartners.com/scripts/jig/ 		15 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/GQGClient-WorkFlow_IX47B36723CDF3CDA912B07703A7DCE539.json
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcebf07cfee0d5263eb72af8a0173106cb014849969c1a057c868ae6c2d312c0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/jig/GQGClient-WorkFlow_IX47B36723CDF3CDA912B07703A7DCE539.json
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT)
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Mon, 13 Sep 2021 19:58:14 GMT
server
cloudflare
etag
W/"6b8135b0d9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b4ddb6c4e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
GQGClient-637671346923694865-locale-en-US.json
portal.gqgpartners.com/scripts/jig/ 		20 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/GQGClient-637671346923694865-locale-en-US.json
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
569ef1b88019a51884f00e8816abdf69db730704a627d2d816e71c5a79a184f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/scripts/jig/GQGClient-637671346923694865-locale-en-US.json
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT)
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Mon, 13 Sep 2021 19:58:14 GMT
server
cloudflare
etag
W/"2d5a2eb0d9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b4ddb6d4e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
WhiteLogin_WF_App-637671346923694865-locale-en-US.json
portal.gqgpartners.com/scripts/jig/ 		13 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/scripts/jig/WhiteLogin_WF_App-637671346923694865-locale-en-US.json
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
253c0f0d1bc60328fe9200201fb3e6d4c94c331b65349a59ea06b9f60b2af179
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
Y4J+nNR1jqgH1uOb4TAx4w==
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT)
:path
/scripts/jig/WhiteLogin_WF_App-637671346923694865-locale-en-US.json
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
X-XSRF-TOKEN
Y4J+nNR1jqgH1uOb4TAx4w==
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Mon, 13 Sep 2021 19:58:14 GMT
server
cloudflare
etag
W/"c0f72bb0d9a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b4ddb704e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
ecd.ashx
portal.gqgpartners.com/iXingPages/ 		72 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/iXingPages/ecd.ashx?requesttype=dataset&v=2&app=WhiteLogin_WF.App
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa0e820143f648fee7709f99fd568a41a82166c62ae91572ab2a3e9320fa1648
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-fetch-mode
cors
origin
https://portal.gqgpartners.com
x-xsrf-token
Y4J+nNR1jqgH1uOb4TAx4w==
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT)
content-length
201
:path
/iXingPages/ecd.ashx?requesttype=dataset&v=2&app=WhiteLogin_WF.App
pragma
no-cache
ic-culture
en-US
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
POST
IC-Culture
en-US
X-XSRF-TOKEN
Y4J+nNR1jqgH1uOb4TAx4w==
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 28 Sep 2021 13:13:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
set-cookie
ASP.NET_SessionId=lo3remf333vqg0b3sdebwhtm; path=/; secure; HttpOnly; SameSite=Lax
cf-ray
695d3b4dfb904e08-FRA
content-length
72
x-ua-compatible
IE=Edge
nr-1210.min.js
js-agent.newrelic.com/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1210.min.js
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding
gzip
etag
"67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id
3700EJ4ZWWQ4P78Z
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
11781
x-amz-id-2
WHzeslBLMht/NaCF9kkJd18iJ6Fkr2YZAl5iGj0a1qtVGAGpwFyTtZrMMtk5xKXdIU5RYSWHiEw=
x-served-by
cache-hhn4068-HHN
last-modified
Tue, 22 Jun 2021 22:47:07 GMT
server
AmazonS3
x-timer
S1632834834.616330,VS0,VE0
date
Tue, 28 Sep 2021 13:13:53 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
5263
d6f04f82e1
bam-cell.nr-data.net/1/ 		49 B
921 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/d6f04f82e1?a=271046851&v=1210.e2a3f80&to=NAYHZkFYW0JRVRdaWQ1MJGFjFlhUXVQGQUULChUdUklFQh9BC1pCBg8KVVpXakZWaQJDRk0CFkJL&rst=3495&ck=1&ref=https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx&ap=41&be=2745&fe=3467&dc=3407&perf=%7B%22timing%22:%7B%22of%22:1632834830131,%22n%22:0,%22r%22:0,%22re%22:994,%22f%22:994,%22dn%22:994,%22dne%22:994,%22c%22:994,%22ce%22:994,%22rq%22:995,%22rp%22:1566,%22rpe%22:1567,%22dl%22:1569,%22di%22:1590,%22ds%22:1605,%22de%22:1605,%22dc%22:2694,%22l%22:2694,%22le%22:2695%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&fp=2694&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 28 Sep 2021 13:13:54 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
X-NewRelic-App-Data
PxQGQlRSAQEIUFlbFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUCRoFB1UKUHRMB05WAhtDBAIOAgAHA1JTAANRVldTUkBKBQNcEV0/
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
695d3b4e4a555bfd-FRA
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f10.1e100.net
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 12:58:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Wed, 28 Sep 2022 12:58:37 GMT
WhiteLogin_WF_App.aspx
portal.gqgpartners.com/Membership/Apps/
Redirect Chain
  • https://portal.gqgpartners.com/iXingPages/ecdg.ashx?requesttype=dataset&v=2
  • https://portal.gqgpartners.com/Membership/HomePageDefault.aspx?ReturnUrl=%2fiXingPages%2fecdg.ashx%3frequesttype%3ddataset%26v%3d2&requesttype=dataset&v=2
  • https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=%2fiXingPages%2fecdg.ashx%3frequesttype%3ddataset%26v%3d2
18 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=%2fiXingPages%2fecdg.ashx%3frequesttype%3ddataset%26v%3d2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d97f8bc5ceb4c27dc7406b23ef3135701ce51b769e086dd01bacc385010d9e02
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
Y4J+nNR1jqgH1uOb4TAx4w==
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT); IXTimezone=Etc/UTC; ASP.NET_SessionId=lo3remf333vqg0b3sdebwhtm; IXAnalyticsConsent=allow
:path
/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=%2fiXingPages%2fecdg.ashx%3frequesttype%3ddataset%26v%3d2
pragma
no-cache
ic-culture
en-US
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store
content-security-policy
frame-ancestors 'self'
set-cookie
IXCulture=en-US; path=/; secure IXSBaseUtcOffset=-240; path=/; secure ASP.NET_SessionId=; expires=Tue, 28-Jan-2020 14:13:55 GMT; path=/; secure XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; path=/; secure IXTMO=1200000; path=/; secure
cf-ray
695d3b589e394e08-FRA
expires
-1

Redirect headers

date
Tue, 28 Sep 2021 13:13:55 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
location
/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=%2fiXingPages%2fecdg.ashx%3frequesttype%3ddataset%26v%3d2
cache-control
private
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b577c3a4e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
HomepageBackground.png
portal.gqgpartners.com/App_Themes/Default/images/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.gqgpartners.com/App_Themes/Default/images/HomepageBackground.png
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/styles/0420CC9EF867EFE6E223AE18E2A80798/WhiteLogin.WF.App_IXFBCFF44BDDA4B4EE712BFF856C428DE0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
631106fe9b4cfc39c1af55e5d62b1a277b8dde7472f4a189ceddedb18b365f96
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/App_Themes/Default/images/HomepageBackground.png
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT); IXTimezone=Etc/UTC; ASP.NET_SessionId=lo3remf333vqg0b3sdebwhtm
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/styles/0420CC9EF867EFE6E223AE18E2A80798/WhiteLogin.WF.App_IXFBCFF44BDDA4B4EE712BFF856C428DE0.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/styles/0420CC9EF867EFE6E223AE18E2A80798/WhiteLogin.WF.App_IXFBCFF44BDDA4B4EE712BFF856C428DE0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:55 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
2472604
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
public
last-modified
Thu, 08 Jul 2021 14:19:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"e3a5e750474d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
image/png
cache-control
public, max-age=15552000
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
cf-ray
695d3b5609974e08-FRA
expires
Sun, 27 Mar 2022 13:13:55 GMT
Ecd.ashx
portal.gqgpartners.com/iXingPages/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/iXingPages/Ecd.ashx?IX_EXTAUTH=Y
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://portal.gqgpartners.com
x-xsrf-token
Y4J+nNR1jqgH1uOb4TAx4w==
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT); IXTimezone=Etc/UTC; ASP.NET_SessionId=lo3remf333vqg0b3sdebwhtm
content-length
110
:path
/iXingPages/Ecd.ashx?IX_EXTAUTH=Y
pragma
no-cache
ic-culture
en-US
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
application/xml, text/xml, */*; q=0.01
cache-control
no-cache
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
POST
IC-Culture
en-US
X-XSRF-TOKEN
Y4J+nNR1jqgH1uOb4TAx4w==
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/xml, text/xml, */*; q=0.01
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 28 Sep 2021 13:13:55 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, must-revalidate
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b56099f4e08-FRA
content-length
0
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
ilg.ashx
portal.gqgpartners.com/Membership/ExtPages/ 		67 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/Membership/ExtPages/ilg.ashx?IX_MN=Y
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bbce8f1b513639666d7c23561e232d925ce42905787a66c287541909a1463ae
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
Y4J+nNR1jqgH1uOb4TAx4w==
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT); IXTimezone=Etc/UTC; ASP.NET_SessionId=lo3remf333vqg0b3sdebwhtm
:path
/Membership/ExtPages/ilg.ashx?IX_MN=Y
pragma
no-cache
ic-culture
en-US
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
IC-Culture
en-US
X-XSRF-TOKEN
Y4J+nNR1jqgH1uOb4TAx4w==
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 28 Sep 2021 13:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b5639dd4e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
ecd.ashx
portal.gqgpartners.com/iXingPages/ 		735 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/iXingPages/ecd.ashx?requesttype=dataset&v=2&app=WhiteFooterLinks_List.App
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9382e55b564db51c464c0a92b8c85e46abc28de5bf7ac6a96baa6404d7d721d3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://portal.gqgpartners.com
x-xsrf-token
Y4J+nNR1jqgH1uOb4TAx4w==
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT); IXTimezone=Etc/UTC; ASP.NET_SessionId=lo3remf333vqg0b3sdebwhtm
content-length
170
:path
/iXingPages/ecd.ashx?requesttype=dataset&v=2&app=WhiteFooterLinks_List.App
pragma
no-cache
ic-culture
en-US
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
POST
IC-Culture
en-US
X-XSRF-TOKEN
Y4J+nNR1jqgH1uOb4TAx4w==
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 28 Sep 2021 13:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b568a614e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
ecd.ashx
portal.gqgpartners.com/iXingPages/ 		735 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/iXingPages/ecd.ashx?requesttype=dataset&v=2&app=CMSFooterLinks_Input.App
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8afbe3769ec28afe4edbd98f80f966b1d58985bdd6b50f1d47bfc263103f0d00
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://portal.gqgpartners.com
x-xsrf-token
Y4J+nNR1jqgH1uOb4TAx4w==
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT); IXTimezone=Etc/UTC; ASP.NET_SessionId=lo3remf333vqg0b3sdebwhtm
content-length
168
:path
/iXingPages/ecd.ashx?requesttype=dataset&v=2&app=CMSFooterLinks_Input.App
pragma
no-cache
ic-culture
en-US
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
POST
IC-Culture
en-US
X-XSRF-TOKEN
Y4J+nNR1jqgH1uOb4TAx4w==
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 28 Sep 2021 13:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b568a6e4e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
GQGLoginLogo.png
portal.gqgpartners.com/App_Themes/Default/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.gqgpartners.com/App_Themes/Default/images/GQGLoginLogo.png
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/styles/0420CC9EF867EFE6E223AE18E2A80798/WhiteLogin.WF.App_IXFBCFF44BDDA4B4EE712BFF856C428DE0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf3b95d6fc69f6b3682753c62206a5e6ad454cce27a4aaaf757cbe129959ee56
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/App_Themes/Default/images/GQGLoginLogo.png
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT); IXTimezone=Etc/UTC; ASP.NET_SessionId=lo3remf333vqg0b3sdebwhtm
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/styles/0420CC9EF867EFE6E223AE18E2A80798/WhiteLogin.WF.App_IXFBCFF44BDDA4B4EE712BFF856C428DE0.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/styles/0420CC9EF867EFE6E223AE18E2A80798/WhiteLogin.WF.App_IXFBCFF44BDDA4B4EE712BFF856C428DE0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:55 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
4732
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
public
last-modified
Thu, 08 Jul 2021 14:19:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"7843e550474d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
image/png
cache-control
public, max-age=15552000
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
cf-ray
695d3b56aa954e08-FRA
expires
Sun, 27 Mar 2022 13:13:55 GMT
MaterialIcons-Regular.woff2
portal.gqgpartners.com/Fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/Fonts/MaterialIcons-Regular.woff2
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/styles/0420CC9EF867EFE6E223AE18E2A80798/WhiteLogin.WF.App_IXFBCFF44BDDA4B4EE712BFF856C428DE0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-fetch-mode
cors
origin
https://portal.gqgpartners.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT); IXTimezone=Etc/UTC; ASP.NET_SessionId=lo3remf333vqg0b3sdebwhtm
:path
/Fonts/MaterialIcons-Regular.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/styles/0420CC9EF867EFE6E223AE18E2A80798/WhiteLogin.WF.App_IXFBCFF44BDDA4B4EE712BFF856C428DE0.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://portal.gqgpartners.com/styles/0420CC9EF867EFE6E223AE18E2A80798/WhiteLogin.WF.App_IXFBCFF44BDDA4B4EE712BFF856C428DE0.css
Origin
https://portal.gqgpartners.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:55 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
expires
Tue, 28 Sep 2021 17:13:55 GMT
cache-control
public, max-age=14400
strict-transport-security
max-age=15552000
cf-ray
695d3b56aa9d4e08-FRA
x-ua-compatible
IE=Edge
GQGLogo.png
portal.gqgpartners.com/App_Themes/Default/images/ 		176 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.gqgpartners.com/App_Themes/Default/images/GQGLogo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16c72813c08ddc76d88832ebbc39ba918f565dc8b40d2661e41ff8370c274f35
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/App_Themes/Default/images/GQGLogo.png
pragma
no-cache
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT); IXTimezone=Etc/UTC; ASP.NET_SessionId=lo3remf333vqg0b3sdebwhtm
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:55 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
179895
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
public
last-modified
Tue, 06 Jul 2021 23:58:32 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"6b638ad3c272d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
image/png
cache-control
public, max-age=15552000
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
cf-ray
695d3b574bcf4e08-FRA
expires
Sun, 27 Mar 2022 13:13:55 GMT
ecd.ashx
portal.gqgpartners.com/iXingPages/ 		403 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/iXingPages/ecd.ashx?requesttype=dataset&v=2&app=WhiteCopyright_Input.App
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed943603da11e06fd6dab1ebc6c88ffe7bdc4a85260dd61cef3bf02b01160cde
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://portal.gqgpartners.com
x-xsrf-token
Y4J+nNR1jqgH1uOb4TAx4w==
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT); IXTimezone=Etc/UTC; ASP.NET_SessionId=lo3remf333vqg0b3sdebwhtm
content-length
255
:path
/iXingPages/ecd.ashx?requesttype=dataset&v=2&app=WhiteCopyright_Input.App
pragma
no-cache
ic-culture
en-US
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
POST
IC-Culture
en-US
X-XSRF-TOKEN
Y4J+nNR1jqgH1uOb4TAx4w==
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 28 Sep 2021 13:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b577c364e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
ecd.ashx
portal.gqgpartners.com/iXingPages/ 		1 KB
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/iXingPages/ecd.ashx?requesttype=dataset&v=2&app=CMSFooterText_Input.App
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb198c8a5ca1fc0040b478a7c82eca9246f34f0753f6d304b9970c43a7ae626a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://portal.gqgpartners.com
x-xsrf-token
Y4J+nNR1jqgH1uOb4TAx4w==
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT); IXTimezone=Etc/UTC; ASP.NET_SessionId=lo3remf333vqg0b3sdebwhtm
content-length
253
:path
/iXingPages/ecd.ashx?requesttype=dataset&v=2&app=CMSFooterText_Input.App
pragma
no-cache
ic-culture
en-US
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
POST
IC-Culture
en-US
X-XSRF-TOKEN
Y4J+nNR1jqgH1uOb4TAx4w==
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 28 Sep 2021 13:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b577c394e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700%7CMaterial+Icons&subset=latin
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
3ba244b62f81b0dc0322532b3301fabf95d0cacd5584c7df282cb7d8f1129ab7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 13:13:55 GMT
server
ESF
date
Tue, 28 Sep 2021 13:13:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Sep 2021 13:13:55 GMT
matomo.js
cdn.matomo.cloud/investcloud.matomo.cloud/ 		190 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.matomo.cloud/investcloud.matomo.cloud/matomo.js
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_iXing_IX45D394822EA56221CE50EF412444D6C4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a8135c775cabbe779abbd40c05fb7da7a2396c507b54a0df4f6e877d4417964

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 28 Sep 2021 13:13:56 GMT
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 19:57:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
W/"95c18b7c9e29b6efbb0c2c3094c9884b"
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
EjBhfYnGKYt8pVXL.R4L0xIrWC2mNTeX
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control
max-age=691200
x-amz-replication-status
COMPLETED
content-type
application/javascript; charset=utf-8
x-amz-cf-id
w0jpqmxf4XOOxZGwwRiV4VGvZIt4BgEr6ygiCuo5lvLb-cytzeWfZg==
container_OxtahzZX.js
cdn.matomo.cloud/investcloud.matomo.cloud/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.matomo.cloud/investcloud.matomo.cloud/container_OxtahzZX.js
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_iXing_IX45D394822EA56221CE50EF412444D6C4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fbfd8e87d0c89a61b25d68bc9b9eef5595d98e053bb3ffa76a2b9cee01d21c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 28 Sep 2021 13:13:56 GMT
content-encoding
gzip
last-modified
Sun, 07 Mar 2021 23:55:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
W/"d8402aa123982ee26d817f1e28e38219"
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
null
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control
max-age=691200
x-amz-replication-status
COMPLETED
content-type
application/javascript; charset=utf-8
x-amz-cf-id
3tksrxDFjC8gf4B_oQcd5iBjxvgtRJ7aV_0-TCFrzSycaqavPxMRbQ==
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700%7CMaterial+Icons&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://portal.gqgpartners.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:43 GMT
x-content-type-options
nosniff
age
506532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:43 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700%7CMaterial+Icons&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://portal.gqgpartners.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 17:27:37 GMT
x-content-type-options
nosniff
age
71178
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 27 Sep 2022 17:27:37 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v103/ 		108 KB
108 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v103/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700%7CMaterial+Icons&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
ff253fe18544cbbce7aab407c64ac2bc1e7bd6b933b9e0ed8865e60d96cd9b39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://portal.gqgpartners.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 14:07:01 GMT
x-content-type-options
nosniff
age
83214
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110560
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 17:44:12 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 27 Sep 2022 14:07:01 GMT
WhiteLogin_WF_App.aspx
portal.gqgpartners.com/Membership/Apps/
Redirect Chain
  • https://portal.gqgpartners.com/iXingPages/ecdg.ashx?requesttype=dataset&v=2
  • https://portal.gqgpartners.com/Membership/HomePageDefault.aspx?ReturnUrl=%2fiXingPages%2fecdg.ashx%3frequesttype%3ddataset%26v%3d2&requesttype=dataset&v=2
  • https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=%2fiXingPages%2fecdg.ashx%3frequesttype%3ddataset%26v%3d2
18 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=%2fiXingPages%2fecdg.ashx%3frequesttype%3ddataset%26v%3d2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d97f8bc5ceb4c27dc7406b23ef3135701ce51b769e086dd01bacc385010d9e02
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
x-xsrf-token
Y4J+nNR1jqgH1uOb4TAx4w==
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT); IXTimezone=Etc/UTC; ASP.NET_SessionId=lo3remf333vqg0b3sdebwhtm; IXAnalyticsConsent=allow; _pk_id.2.3880=9bd4164c7c177c0a.1632834835.; _pk_ses.2.3880=1
:path
/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=%2fiXingPages%2fecdg.ashx%3frequesttype%3ddataset%26v%3d2
pragma
no-cache
ic-culture
en-US
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store
content-security-policy
frame-ancestors 'self'
set-cookie
IXCulture=en-US; path=/; secure IXSBaseUtcOffset=-240; path=/; secure ASP.NET_SessionId=; expires=Tue, 28-Jan-2020 14:13:55 GMT; path=/; secure XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; path=/; secure IXTMO=1200000; path=/; secure
cf-ray
695d3b5a28b44e08-FRA
expires
-1

Redirect headers

date
Tue, 28 Sep 2021 13:13:55 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
location
/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=%2fiXingPages%2fecdg.ashx%3frequesttype%3ddataset%26v%3d2
cache-control
private
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b593f534e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700%7CMaterial+Icons&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://portal.gqgpartners.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:40 GMT
x-content-type-options
nosniff
age
506535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:40 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700%7CMaterial+Icons&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://portal.gqgpartners.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:40 GMT
x-content-type-options
nosniff
age
506535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:40 GMT
ecd.ashx
portal.gqgpartners.com/iXingPages/ 		736 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/iXingPages/ecd.ashx?requesttype=dataset&v=2&app=WhiteFooterLinks_List.App
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6d1b6498f023e4bffc234f4e62b4c014eed24ab172ab2f261bd9c9c70742009
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://portal.gqgpartners.com
x-xsrf-token
Y4J+nNR1jqgH1uOb4TAx4w==
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT); IXTimezone=Etc/UTC; ASP.NET_SessionId=lo3remf333vqg0b3sdebwhtm; IXAnalyticsConsent=allow
content-length
170
:path
/iXingPages/ecd.ashx?requesttype=dataset&v=2&app=WhiteFooterLinks_List.App
pragma
no-cache
ic-culture
en-US
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
POST
IC-Culture
en-US
X-XSRF-TOKEN
Y4J+nNR1jqgH1uOb4TAx4w==
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 28 Sep 2021 13:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b588e1f4e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
ecd.ashx
portal.gqgpartners.com/iXingPages/ 		403 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/iXingPages/ecd.ashx?requesttype=dataset&v=2&app=WhiteCopyright_Input.App
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/scripts/jig/V4_Startup_IXE53A6C76EFC8F9F60E16FA26B6997D6F.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b426ee569342dcac7a20d1c614e994cb8b114f85fdfc8374d7ff6f7083f22fb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://portal.gqgpartners.com
x-xsrf-token
Y4J+nNR1jqgH1uOb4TAx4w==
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT); IXTimezone=Etc/UTC; ASP.NET_SessionId=lo3remf333vqg0b3sdebwhtm; IXAnalyticsConsent=allow
content-length
255
:path
/iXingPages/ecd.ashx?requesttype=dataset&v=2&app=WhiteCopyright_Input.App
pragma
no-cache
ic-culture
en-US
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
:scheme
https
sec-fetch-site
same-origin
:method
POST
IC-Culture
en-US
X-XSRF-TOKEN
Y4J+nNR1jqgH1uOb4TAx4w==
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://portal.gqgpartners.com/Membership/Apps/WhiteLogin_WF_App.aspx?ReturnURL=/
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 28 Sep 2021 13:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
content-security-policy
frame-ancestors 'self'
strict-transport-security
max-age=15552000
cf-ray
695d3b58be674e08-FRA
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
matomo.php
investcloud.matomo.cloud/ 		0
173 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://investcloud.matomo.cloud/matomo.php?action_name=Sign%20In%20-%20GQG&idsite=2&rec=1&r=260903&h=13&m=13&s=55&url=https%3A%2F%2Fportal.gqgpartners.com%2FMembership%2FApps%2FWhiteLogin_WF_App.aspx%3FReturnURL%3D%2F%23!%2Fw%2Fwhiteloginwfapp%3Fs%3Dwhiteloginholderapp%26WhiteLogin_Input_App.RememberMe%3DN%26IX_OB%3D2&urlref=https%3A%2F%2Fportal.gqgpartners.com%2FMembership%2FApps%2FWhiteLogin_WF_App.aspx%3FReturnURL%3D%2F%23!%2Fw%2Fwhiteloginwfapp%3Fs%3Dwhiteloginholderapp&_id=9bd4164c7c177c0a&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=hvPABJ&pf_net=0&pf_srv=571&pf_tfr=1&pf_dm1=21&pf_dm2=1104&pf_onl=1
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/investcloud.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.61.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8b6f710f441cdbc2.awsglobalaccelerator.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.gqgpartners.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://portal.gqgpartners.com
date
Tue, 28 Sep 2021 13:13:55 GMT
access-control-allow-credentials
true
server
Apache
vary
X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
configs.php
investcloud.matomo.cloud/plugins/HeatmapSessionRecording/ 		116 B
291 B 		Script
General
Check archive.org
Download Go to
Full URL
https://investcloud.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=hGZWMa&url=https%3A%2F%2Fportal.gqgpartners.com%2FMembership%2FApps%2FWhiteLogin_WF_App.aspx%3FReturnURL%3D%2F%23!%2Fw%2Fwhiteloginwfapp%3Fs%3Dwhiteloginholderapp%26WhiteLogin_Input_App.RememberMe%3DN%26IX_OB%3D2
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/investcloud.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.61.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8b6f710f441cdbc2.awsglobalaccelerator.com
Software
Apache /
Resource Hash
d23869fa1a9eef855cc81e1042c1c43c9129f2c5f0806f15f242d258bcc7d5c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:55 GMT
content-encoding
gzip
server
Apache
content-length
119
vary
X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type
application/javascript
configs.php
investcloud.matomo.cloud/plugins/HeatmapSessionRecording/ 		116 B
289 B 		Script
General
Check archive.org
Download Go to
Full URL
https://investcloud.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=2salkr&url=https%3A%2F%2Fportal.gqgpartners.com%2FMembership%2FApps%2FWhiteLogin_WF_App.aspx%3FReturnURL%3D%2F%23!%2Fw%2Fwhiteloginwfapp%3Fs%3Dwhiteloginholderapp%26WhiteLogin_Input_App.RememberMe%3DN%26IX_OB%3D2
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/investcloud.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.61.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8b6f710f441cdbc2.awsglobalaccelerator.com
Software
Apache /
Resource Hash
2de34dd816feb817d23c8cee5ed8e60f160591091d6ca183833d3c197f787518

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:55 GMT
content-encoding
gzip
server
Apache
content-length
118
vary
X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type
application/javascript
configs.php
investcloud.matomo.cloud/plugins/HeatmapSessionRecording/ 		116 B
290 B 		Script
General
Check archive.org
Download Go to
Full URL
https://investcloud.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=5t2r33&url=https%3A%2F%2Fportal.gqgpartners.com%2FMembership%2FApps%2FWhiteLogin_WF_App.aspx%3FReturnURL%3D%2F%23!%2Fw%2Fwhiteloginwfapp%3Fs%3Dwhiteloginholderapp%26WhiteLogin_Input_App.RememberMe%3DN%26IX_OB%3D2
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/investcloud.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.61.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8b6f710f441cdbc2.awsglobalaccelerator.com
Software
Apache /
Resource Hash
ec74fd852dc9db1d65cc4f081552b57f945a1841e3c1ec645fad569a4c77ab1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://portal.gqgpartners.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:55 GMT
content-encoding
gzip
server
Apache
content-length
119
vary
X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type
application/javascript
MaterialIcons-Regular.woff
portal.gqgpartners.com/Font/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/Font/MaterialIcons-Regular.woff
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/styles/0420CC9EF867EFE6E223AE18E2A80798/WhiteLogin.WF.App_IXFBCFF44BDDA4B4EE712BFF856C428DE0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-fetch-mode
cors
origin
https://portal.gqgpartners.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT); IXTimezone=Etc/UTC; ASP.NET_SessionId=lo3remf333vqg0b3sdebwhtm; IXAnalyticsConsent=allow; _pk_id.2.3880=9bd4164c7c177c0a.1632834835.; _pk_ses.2.3880=1
:path
/Font/MaterialIcons-Regular.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/styles/0420CC9EF867EFE6E223AE18E2A80798/WhiteLogin.WF.App_IXFBCFF44BDDA4B4EE712BFF856C428DE0.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://portal.gqgpartners.com/styles/0420CC9EF867EFE6E223AE18E2A80798/WhiteLogin.WF.App_IXFBCFF44BDDA4B4EE712BFF856C428DE0.css
Origin
https://portal.gqgpartners.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:56 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
expires
Tue, 28 Sep 2021 17:13:56 GMT
cache-control
public, max-age=14400
strict-transport-security
max-age=15552000
cf-ray
695d3b5a08974e08-FRA
x-ua-compatible
IE=Edge
MaterialIcons-Regular.ttf
portal.gqgpartners.com/Fonts/ 		125 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portal.gqgpartners.com/Fonts/MaterialIcons-Regular.ttf
Requested by
Host: portal.gqgpartners.com
URL: https://portal.gqgpartners.com/styles/0420CC9EF867EFE6E223AE18E2A80798/WhiteLogin.WF.App_IXFBCFF44BDDA4B4EE712BFF856C428DE0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7f4a3ab562048f28dd1fa691601bc43363a61d0f876d16d8316c52e4f32d696
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://portal.gqgpartners.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
IXCulture=en-US; IXSBaseUtcOffset=-240; XSRF-TOKEN=Y4J+nNR1jqgH1uOb4TAx4w==; IXTMO=1200000; IXLastActivityTime=Tue Sep 28 2021 13:13:52 GMT+0000 (GMT); IXTimezone=Etc/UTC; IXAnalyticsConsent=allow; _pk_id.2.3880=9bd4164c7c177c0a.1632834835.; _pk_ses.2.3880=1
:path
/Fonts/MaterialIcons-Regular.ttf
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
portal.gqgpartners.com
referer
https://portal.gqgpartners.com/styles/0420CC9EF867EFE6E223AE18E2A80798/WhiteLogin.WF.App_IXFBCFF44BDDA4B4EE712BFF856C428DE0.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://portal.gqgpartners.com/styles/0420CC9EF867EFE6E223AE18E2A80798/WhiteLogin.WF.App_IXFBCFF44BDDA4B4EE712BFF856C428DE0.css
Origin
https://portal.gqgpartners.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 13:13:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
128180
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Tue, 06 Jul 2021 23:58:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"d6f7baddc272d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/octet-stream
cache-control
public, max-age=14400
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
cf-ray
695d3b5d4ea44e08-FRA
expires
Tue, 28 Sep 2021 17:13:56 GMT
matomo.php
investcloud.matomo.cloud/ 		0
173 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://investcloud.matomo.cloud/matomo.php?action_name=Sign%20In%20-%20GQG&idsite=2&rec=1&r=635226&h=13&m=13&s=55&url=https%3A%2F%2Fportal.gqgpartners.com%2FMembership%2FApps%2FWhiteLogin_WF_App.aspx%3FReturnURL%3D%2F%23!%2Fw%2Fwhiteloginwfapp%3Fs%3Dwhiteloginholderapp%26WhiteLogin_Input_App.RememberMe%3DN%26IX_OB%3D2&urlref=https%3A%2F%2Fportal.gqgpartners.com%2FMembership%2FApps%2FWhiteLogin_WF_App.aspx%3FReturnURL%3D%2F%23!%2Fw%2Fwhiteloginwfapp%3Fs%3Dwhiteloginholderapp&_id=9bd4164c7c177c0a&_idn=0&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=dLruT3&pf_net=0&pf_srv=571&pf_tfr=1&pf_dm1=21&pf_dm2=1104&pf_onl=1
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/investcloud.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.61.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8b6f710f441cdbc2.awsglobalaccelerator.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.gqgpartners.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://portal.gqgpartners.com
date
Tue, 28 Sep 2021 13:13:56 GMT
access-control-allow-credentials
true
server
Apache
vary
X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
matomo.php
investcloud.matomo.cloud/ 		0
173 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://investcloud.matomo.cloud/matomo.php?action_name=Sign%20In%20-%20GQG&idsite=2&rec=1&r=458784&h=13&m=13&s=55&url=https%3A%2F%2Fportal.gqgpartners.com%2FMembership%2FApps%2FWhiteLogin_WF_App.aspx%3FReturnURL%3D%2F%23!%2Fw%2Fwhiteloginwfapp%3Fs%3Dwhiteloginholderapp%26WhiteLogin_Input_App.RememberMe%3DN%26IX_OB%3D2&urlref=https%3A%2F%2Fportal.gqgpartners.com%2FMembership%2FApps%2FWhiteLogin_WF_App.aspx%3FReturnURL%3D%2F%23!%2Fw%2Fwhiteloginwfapp%3Fs%3Dwhiteloginholderapp&_id=9bd4164c7c177c0a&_idn=0&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=k58R4k&pf_net=0&pf_srv=571&pf_tfr=1&pf_dm1=21&pf_dm2=1104&pf_onl=1
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/investcloud.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.61.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8b6f710f441cdbc2.awsglobalaccelerator.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portal.gqgpartners.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://portal.gqgpartners.com
date
Tue, 28 Sep 2021 13:13:56 GMT
access-control-allow-credentials
true
server
Apache
vary
X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

Verdicts & Comments Add Verdict or Comment

325 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| __cfQR object| WF_CONFIG_FILES string| uniqueTranslationId object| WebFontConfig object| IX_Theme function| IX_GetCookieValue function| IX_IsHTTPS function| IX_GetSecureFlag function| IX_SetCookieValue function| IX_isMacOS function| IX_isIOS function| IX_isAndroid function| $ function| jQuery object| angular object| iXing boolean| IX_UserAuthenticated number| IX_TimeoutStart object| NREUM object| newrelic function| __nr_require object| jstz object| cookieconsent function| JSZip function| numeral function| Sugar function| Cldr function| Globalize object| DevExpress function| _ function| moment function| P object| Modernizr function| GridStackUI undefined| IX_checkCSRFCookieInterval undefined| IX_initCSRFToken function| GetAntiForgeryToken function| UpdateAntiForgeryToken function| btoau function| atobu function| isBrowserIE11 function| isBrowserIELessThan10 function| isBrowserEdge function| isBrowserIE function| IX_isMobile function| IX_DeleteCookie function| IX_DeleteMFACookies function| IX_OnBeginCallback function| IX_OnEndCallback function| IX_ConfirmMessage function| IX_OpenPopupAndBecomeUser function| IX_SetRememberUsernameCookieValue function| IX_GetUsernameFromCookieValue function| IX_SetUsernameFromCookieValue function| generateUUID function| IX_TriggerSSO function| IX_getMessageText function| IX_getCommandFromMessageList function| IX_ConvertDSListToDXFormat function| IX_SetEcdRequestContext function| IX_GetEcdDataAndResolvePromise function| IX_GetMFADataAndResolvePromise function| IX_GetListDataAndResolvePromise function| IX_LogRequest function| IX_EcdRequest function| IX_MFARequest function| IX_PerformPrimeCacheRequests function| IX_getQueryStringParameter function| IX_RedirectToReturnURL function| IX_GetURIWithCSRFTokenInQuery function| IX_IsEnforceCSRFOnGetFeatureOn function| IX_Ajax function| IX_GetMFADeviceRef function| IX_UpdateDisclaimer function| IX_PerformLogin function| IX_centerElement function| IX_centerElementVertically function| IX_ExtendjQuerySelectors function| IX_getDisplayCustomAlertInfo function| IX_GetModalService function| IX_ShowCustomAlert function| IX_enhanceAlert function| IX_trapFocus function| IX_alert2 function| IX_findColumnPosition function| IX_urlify function| IX_replacePropertiesInComponent function| IX_customVerticalScrollBars function| IX_SetTimeZone function| IX_userIsActuallyLoggedOut function| redirectUserForLogout function| IX_ResetPendingSessionExtensionRequests function| _IX_MakeServerSideCall function| _resetSession function| IX_GetThrottledInitiateServerSideCall function| _IX_IntitiateServerSideCallThrottled function| IX_IntitiateServerSideCall function| IX_reloadServerSessionWithIframe function| IX_SetLoadingPanelAriaAttributes function| IX_checkCSRFCookieChange function| IX_startCSRFChecks function| isUserAuthenticated function| IX_IsIPhone function| IX_fallbackImagePath function| IX_emailifyAsLink function| IX_maxWidth function| IC_Alert function| getChromeBrowserVersion function| IX_WdigetMenuItemClick function| CLIX_cbpWidgetMenu_EndCallback function| IX_PerfStart function| IX_PerfEnd function| showIcConsole object| KEYS function| IX_SetValueInList function| IX_RunListAppAutoSelect function| IX_SetDropDownDisplayValue function| IX_RemoveUnnecesaryAriaTextFromDropDown function| IX_DropDownOnFocusIn function| IX_SetContextForOnComponentClick function| IX_Signout function| IX_CreateCustomDataSourceForMenu function| IX_GetODCHandler function| IX_GetECDHandler function| IX_GetEcdDataAndResolvePromiseNonList function| IX_CreateCustomDataSource function| IX_CreateDataSource function| IX_SetDataIn function| IX_GetResult function| IX_ProcessSingletonResponseData function| IX_CallSimpleOp function| IX_FlatApplicationProperties function| IX_FlattenObjectsForApplication function| IX_GetChaceKeyForECDG function| IX_SetECDContext function| IX_GetContextFromRouteParams function| IX_GetDataFromUrlContext function| IX_MapValueInContext function| IX_SetValueInContext function| IX_SetRunOnceInstructionForRedirectWithWorkflow function| IX_ProcessV4Redirect function| IX_ConvertSelectedRowsToDSFormat function| IX_SetCustomRowsToExportToExcel object| IX_LocalStorage function| IX_SetAppAsInitialized function| IX_IsAppInitialized function| IX_IterateArrayAndFormatValues function| IX_LoadOrRefreshChart function| IX_InitializeChart function| IX_GetFormattedField function| IX_GetUnFormattedField function| IX_ConditionalFormatApplyFormat_PivotedGrid function| IX_ConditionalFormatApplyFormat_jQueryElement function| IX_ConditionalFormatApplyFormat function| IX_UnApplyConditionalFormatCssClass function| IX_AddToScopeObjRawDataArrayFromDSFormat function| IX_IC_SetChartColors function| IX_DataGroupingHelper function| IX_IC_GetChartGroup function| IX_CreateGroupLabelColorMap function| IX_ShowCommonLoadingPanel function| IX_HideCommonLoadingPanel function| IX_SetAriaAttributes function| IX_PopUpOnShownAddClass function| IX_Log function| IX_InBecomeUserMode function| IX_ToggleDisabledButtons function| IX_GetAndRunValidationGroupRules function| IX_IsValidationGroupValid function| IX_SetGoogleMapAutocompletForInput function| IX_SetSocialSharingButtons function| IX_GetDxRowDomData function| IX_ExecuteButtonInAppScope function| hasScrollbar function| IX_ForceShowScrollbars function| IX_OnShownModalDialogSetUpADA function| IX_OnHiddenModalDialogSetUpADA function| IX_UpdateAppWrapperHTMLAttributes function| IX_AnnounceText function| IX_setFocusToElementByClassName function| IX_AddBodyAttributesDefinedByMobileApplication function| IX_BindAnnounceTextToLoadngState function| IX_SetAdaHeaderMarkup function| IX_resizePopupBasedOnViewport function| IX_isSafari function| IX_publishOnStaticLinksEvent function| IX_openOutsideMobileApp function| IX_isWebView function| IX_ApplyDeviceStyles function| IX_RebindButtonKeyPressEventHandler function| IX_ApplyInputAppADAFixes function| IX_GetFieldValueForTest function| IX_FixAlternatingRows function| IX_ScrollRestoration function| retainFocus function| IX_ButtonRetainFocus function| IX_GetThemeProperty function| IX_GetThemePropertyValue1 function| IX_GetThemePropertyValue2 function| IX_IsThemePropertyValue1Falsey string| icClassPrintStyles string| icClassPrintGridSection string| icClassPrintTable string| icClassPrintTableFixed string| icClassPrintTableScrollable string| icClassPrintTableScreenInPct string| icClassPrintFreespaceRow string| icClassPrintOmitCol string| icClassPrintViewCol string| icClassPrintRowHeight string| icClassPrintHideCell boolean| printColOptimization boolean| printRowOptimization boolean| logMediaStyle boolean| logBeforePrintGrid boolean| logAfterPrintGrid boolean| logRowHeights boolean| logColumCalculation boolean| logGeneratedStyleToBody function| setUpMediaStyle function| writeToMediaStyle function| icPrintGridMakeClass function| icPrintGridGetClasses function| icPrintGridLogging function| beforePrintGridProcess function| afterPrintGridProcess function| canDetectPrintMediaDimensions function| keepScreenWidths function| outputStylesToBody function| columnWidthsToPercentages function| icClassRemover function| icPrintRemoveClass function| icPrintAddClass function| icPrintGetWidth function| icPrintGetHeight function| percentOverflowingX function| findRowTdOverhangAndColspan function| getInternetExplorerVersion function| isBrowserFirefox function| isBrowserAppleChrome function| hasPrintAllVisibleScrollableAndFixedColumnsThemeProp function| printAllVisibleScrollableAndFixedColumnsDefaultWidth boolean| hasBeforePrintEvent function| mediaQueryChangeEvent function| windowsOnLoadMediaQueryChange boolean| True boolean| False object| string function| IX_ConditionalFormatExecuteRules function| IX_ConditionalRedirectExecuteRules function| IX_Update_Disabled_State_For_Validation_Group_Buttons function| QryAggregateProfitAndLossLiteCalculations function| IX_getReplacementValueIfNeeded function| IX_canvasLock function| IX_canvasUnlock function| IX_addApplicationToCanvas function| IX_SetScopeVariable function| IX_refreshCanvas function| IX_loadCanvas function| IX_CanvasPrint function| IX_canvasClone function| IX_CanvasDelete function| IX_TidyUpCanvas function| IX_IC_NormalizeDonutChartMultiGroupLegendConfig function| IX_IC_UpdateChartMultiGroupData function| IX_ConvertMultiGroupToArrayAndSort function| AdaTableLinkCommon function| IX_GetTableIdForFile function| IX_DeleteFile function| IX_ClearFile object| _directives object| customTab object| IX_LocalStorageContainer object| IX_DEBUG_SETTINGS boolean| IX_AreNativeScrollbarsVisible object| jQuery111108951717875281537 object| System function| Recorder object| NiceScroll function| isValidIEVersion function| RocketPageFlip boolean| ie10plus object| CircularJSON function| IX_setAria string| DROP_DOWN_EDITOR_CLASS string| TEXTEDITOR_CLEAR_BUTTON_CLASS string| TEXTEDITOR_CLEAR_ICON_CLASS string| TEXTEDITOR_ICON_CLASS object| Highcharts function| Hammer function| filterCSS function| filterXSS function| Big object| skrollr function| postscribe function| iFrameResize function| IX_triggerSessionKeepAliveEvent function| IX_triggerSignOutEvent object| $translateProvider function| ng$directive function| uuidv4 function| CLCMSFooterLinksInputApp__CLE_OnComponentClick_ConditionalRedirect_Rule_0 function| CLCMSFooterLinksInputApp__CLE_OnComponentClick_ConditionalRedirect_Rule_1 function| CLCMSFooterLinksInputApp__CLE_OnComponentClick_ConditionalRedirect_Rule_2 function| CLWhiteLoginInputApp_CL_Btn_9_CLE_OnClick_ConditionalRedirect_Rule_0 function| CLWhiteLoginInputApp_CL_Btn_9_CLE_OnClick_ConditionalRedirect_Rule_1 function| CLWhiteLoginInputApp_CL_Btn_9_CLE_OnClick_cbc_1 function| CLWhiteLoginInputApp_CL_Btn_9_CLE_OnClick_cbc_2 function| CLWhiteFooterLinksListApp__CLE_OnComponentClick_ConditionalRedirect_Rule_0 function| CLWhiteFooterLinksListApp__CLE_OnComponentClick_ConditionalRedirect_Rule_1 boolean| __cfRLUnblockHandlers function| IX_ShowCustomSessionTimeOutPopup function| showAccessibilityWarnings object| WebFont object| icMenuDefaultItems object| _paq object| _mtm object| MatomoTagManager object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| lastError

9 Cookies

Domain/Path Name / Value
portal.gqgpartners.com/ Name: IXCulture
Value: en-US
portal.gqgpartners.com/ Name: IXSBaseUtcOffset
Value: -240
portal.gqgpartners.com/ Name: XSRF-TOKEN
Value: Y4J+nNR1jqgH1uOb4TAx4w==
portal.gqgpartners.com/ Name: IXTMO
Value: 1200000
portal.gqgpartners.com/ Name: IXLastActivityTime
Value: Tue Sep 28 2021 13:13:52 GMT+0000 (GMT)
portal.gqgpartners.com/ Name: IXTimezone
Value: Etc/UTC
portal.gqgpartners.com/ Name: IXAnalyticsConsent
Value: allow
portal.gqgpartners.com/ Name: _pk_id.2.3880
Value: 9bd4164c7c177c0a.1632834835.
portal.gqgpartners.com/ Name: _pk_ses.2.3880
Value: 1

3 Console Messages

Source Level URL
Text
network error URL: https://portal.gqgpartners.com/iXingPages/ecd.ashx?requesttype=dataset&v=2&app=WhiteLogin_WF.App
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://portal.gqgpartners.com/Fonts/MaterialIcons-Regular.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://portal.gqgpartners.com/Font/MaterialIcons-Regular.woff
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bam-cell.nr-data.net
cdn.matomo.cloud
fonts.googleapis.com
fonts.gstatic.com
investcloud.matomo.cloud
js-agent.newrelic.com
portal.gqgpartners.com
104.18.23.152
13.225.87.101
142.250.185.138
142.250.185.67
151.101.194.137
162.247.243.147
216.58.212.170
52.223.61.136
0a8135c775cabbe779abbd40c05fb7da7a2396c507b54a0df4f6e877d4417964
0bbccc0c34579b837ff6669c7a6fc8e00cf31654dd6a5998a768a702f2a9d3c5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
16c72813c08ddc76d88832ebbc39ba918f565dc8b40d2661e41ff8370c274f35
248e66796769e94fe4220dec1eabc3b69d41f523517e41b384c31cb598ef3ed6
253c0f0d1bc60328fe9200201fb3e6d4c94c331b65349a59ea06b9f60b2af179
2de34dd816feb817d23c8cee5ed8e60f160591091d6ca183833d3c197f787518
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33e1dd1a6671c3a716914ba7e923f8e9180d4770d794a5f0c072a1b8e2eb314c
37ca7d701d3b3044f46e970dc9d5544f5804cb16b6af4632ab608fb1ac6d282b
3ba244b62f81b0dc0322532b3301fabf95d0cacd5584c7df282cb7d8f1129ab7
4b380d1b79428bfeff8f65bc1533443d79a8e56835fb467174132a72d7e8599b
54040ab713c1ddbe12206986776b4efd34f770c47349b0d5e5e2561afb02f175
569ef1b88019a51884f00e8816abdf69db730704a627d2d816e71c5a79a184f0
5b1d474ed44619336b6dc9fd73adaaf33d28ee60b59d6d03f7192d677ccf7469
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
62fb852ef33ae06687882d7cb80a98b9fb3e6188a89df67a779682042efe0440
631106fe9b4cfc39c1af55e5d62b1a277b8dde7472f4a189ceddedb18b365f96
6b426ee569342dcac7a20d1c614e994cb8b114f85fdfc8374d7ff6f7083f22fb
6dc8cf0810171659300d511f125d2b849e44d135fffe23b49f89b4da79020063
7bbce8f1b513639666d7c23561e232d925ce42905787a66c287541909a1463ae
7fe1db43b7ee9e4d1b0cb0fe170e8cf73185428a21d7dca0c41b8b1acc1aff98
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
86837cfc366a61f4e287adec11b87de7c8338fb35a7b7b19619f15fb66404d9c
89232facebef6bb33ae20ec0d1ed416b45c632a2c9696ccdaef59279ea23fda1
8afbe3769ec28afe4edbd98f80f966b1d58985bdd6b50f1d47bfc263103f0d00
93447585c8cc885e0aa9b1121b8546ab605d2d4049f1d959c51fc11274c85980
9382e55b564db51c464c0a92b8c85e46abc28de5bf7ac6a96baa6404d7d721d3
a6d1b6498f023e4bffc234f4e62b4c014eed24ab172ab2f261bd9c9c70742009
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
aa0e820143f648fee7709f99fd568a41a82166c62ae91572ab2a3e9320fa1648
b0fbfd8e87d0c89a61b25d68bc9b9eef5595d98e053bb3ffa76a2b9cee01d21c
b7f4a3ab562048f28dd1fa691601bc43363a61d0f876d16d8316c52e4f32d696
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bf3b95d6fc69f6b3682753c62206a5e6ad454cce27a4aaaf757cbe129959ee56
c767a83505ff67d09001b73a12919be61a077d5a7d53c1b9c739755e42ed65b3
c7d46a2e655ec66d8d5a39dbf63ce8ad094bc175f3e8de4c3970a038ab20eb54
cae79af880ccedb0e2a61d5999890a340e2437ae4f239bb4bffaf312a1830568
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d23869fa1a9eef855cc81e1042c1c43c9129f2c5f0806f15f242d258bcc7d5c2
d7526fe73cd3b3091382628817771abbd4b23fa3ee1df2e5a0c9319efb9bd23f
d97f8bc5ceb4c27dc7406b23ef3135701ce51b769e086dd01bacc385010d9e02
da140156ae30adef31c54571bd38f2fbf3d97dc49d2dacba77a1bfccec22bb6d
da6d29261546eaf4a262551c6caf15da22dff6dbd6967b111a34117da7dbb4d7
dcebf07cfee0d5263eb72af8a0173106cb014849969c1a057c868ae6c2d312c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec74fd852dc9db1d65cc4f081552b57f945a1841e3c1ec645fad569a4c77ab1b
ed943603da11e06fd6dab1ebc6c88ffe7bdc4a85260dd61cef3bf02b01160cde
f6a04397408eca93d499ceb46b5fd3fedfffebe0afaf208b7b3818a67c5de4c6
fb198c8a5ca1fc0040b478a7c82eca9246f34f0753f6d304b9970c43a7ae626a
ff253fe18544cbbce7aab407c64ac2bc1e7bd6b933b9e0ed8865e60d96cd9b39