auth.stonex.com Open in urlscan Pro
35.81.67.0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://my.stonex.com/
Effective URL:
https://auth.stonex.com/oauth2/ausc0uj2v6KKUirNz696/v1/authorize?client_id=0oau7683tvZZ9u54R696&redirect_uri=https%3A%2F...
Submission: On May 09 via api (May 9th 2022, 8:43:56 am UTC) from CA — Scanned from GB

Summary HTTP 50 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 10 domains to perform 50 HTTP transactions. The main IP is 35.81.67.0, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is auth.stonex.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on September 7th 2021. Valid for: a year.

This is the only time auth.stonex.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 25	160.8.1.253 160.8.1.253	14340 (SALESFORCE) (SALESFORCE)
1 2	52.254.21.34 52.254.21.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
3	35.81.67.0 35.81.67.0	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
9	143.204.98.55 143.204.98.55	16509 (AMAZON-02) (AMAZON-02)
2	13.226.132.37 13.226.132.37	16509 (AMAZON-02) (AMAZON-02)
50	13

25 160.8.1.253 (London, United Kingdom) 4 redirects

ASN14340 (SALESFORCE, US)

my.stonex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.254.21.34 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

micms.intlfcstone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
micms.stonex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.81.67.0 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-67-0.us-west-2.compute.amazonaws.com

auth.stonex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 143.204.98.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-55.fra50.r.cloudfront.net

ok14static.oktacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.132.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-37.dus51.r.cloudfront.net

login.okta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	stonex.com 4 redirects my.stonex.com micms.stonex.com auth.stonex.com	1 MB
9	oktacdn.com ok14static.oktacdn.com — Cisco Umbrella Rank: 101581	2 MB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111	3 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 887 syndication.twitter.com — Cisco Umbrella Rank: 1088	133 KB
2	okta.com login.okta.com — Cisco Umbrella Rank: 10852	97 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	20 KB
1	google.de www.google.de — Cisco Umbrella Rank: 3632	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 20	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 175	440 B
1	intlfcstone.com 1 redirects micms.intlfcstone.com	160 B
50	10

	Domain	Requested by
25	my.stonex.com	4 redirects my.stonex.com
9	ok14static.oktacdn.com	auth.stonex.com ok14static.oktacdn.com
5	fonts.googleapis.com	micms.stonex.com my.stonex.com
3	auth.stonex.com	my.stonex.com auth.stonex.com ok14static.oktacdn.com
2	login.okta.com	ok14static.oktacdn.com login.okta.com
2	www.google-analytics.com	my.stonex.com www.google-analytics.com
2	platform.twitter.com	my.stonex.com
1	www.google.de
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	syndication.twitter.com	platform.twitter.com
1	micms.stonex.com	my.stonex.com
1	micms.intlfcstone.com	1 redirects
50	13

This site contains links to these domains. Also see Links.

Domain
www.okta.com

Subject Issuer	Validity	Valid
my.stonex.com Sectigo RSA Organization Validation Secure Server CA	`2022-04-04` - `2023-04-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-31` - `2022-10-30`	a year	crt.sh
auth.stonex.com Sectigo RSA Organization Validation Secure Server CA	`2021-09-07` - `2022-09-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-22` - `2023-01-22`	a year	crt.sh
accounts.okta.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-24` - `2022-07-25`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://auth.stonex.com/oauth2/ausc0uj2v6KKUirNz696/v1/authorize?client_id=0oau7683tvZZ9u54R696&redirect_uri=https%3A%2F%2Fmy.stonex.com%2Fservices%2Fauthcallback%2FOktaOIDC&response_type=code&scope=email+profile+openid+Identity.Api+offline_access+pilot_assignments&state=CAAAAYCoCu98MDAwMDAwMDAwMDAwMDAwAAAA7H4oPIEj2LIWEK6wXYnrSvqL-OgEFRgTyjZ8K4Iz-EJjNIMDPRzWlErKbfkDrFZehvhhoU9ymjDi8VuJcpiWDNV3Ou5wLcVuOWGNfNV9zABgiceGbu5245rGvuTaG8oaA63MMJTz9P0biH1RFoMzBwyC5veLhvwFk7QfVlk4gzbWgcx6G3Vc6eXPVZ6-i4Rlms9QdS-dwM8uZ4djdWTclt-60x7PZZt4s0PFvtHYUWSQ
Frame ID: C35C496AD62F3ACB98AA7BB1287A0093
Requests: 46 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fmy.stonex.com
Frame ID: A8EF84CB8A40B89472188EE8B0D95112
Requests: 2 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: 4251994CB1D4688C267EC685BB80842C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

StoneX CIAM - Sign In

Page URL History Show full URLs

http://my.stonex.com/ HTTP 301
https://my.stonex.com/ HTTP 301
https://my.stonex.com/s/ HTTP 301
https://my.stonex.com/s/?language=en_US Page URL
https://my.stonex.com/services/auth/sso/OktaOIDC HTTP 302
https://auth.stonex.com/oauth2/ausc0uj2v6KKUirNz696/v1/authorize?client_id=0oau7683tvZZ9u54R696&redi... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

50
Requests

96 %
HTTPS

50 %
IPv6

10
Domains

13
Subdomains

13
IPs

4
Countries

3670 kB
Transfer

9364 kB
Size

15
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.okta.com/
Title: Okta

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://my.stonex.com/ HTTP 301
https://my.stonex.com/ HTTP 301
https://my.stonex.com/s/ HTTP 301
https://my.stonex.com/s/?language=en_US Page URL
https://my.stonex.com/services/auth/sso/OktaOIDC HTTP 302
https://auth.stonex.com/oauth2/ausc0uj2v6KKUirNz696/v1/authorize?client_id=0oau7683tvZZ9u54R696&redirect_uri=https%3A%2F%2Fmy.stonex.com%2Fservices%2Fauthcallback%2FOktaOIDC&response_type=code&scope=email+profile+openid+Identity.Api+offline_access+pilot_assignments&state=CAAAAYCoCu98MDAwMDAwMDAwMDAwMDAwAAAA7H4oPIEj2LIWEK6wXYnrSvqL-OgEFRgTyjZ8K4Iz-EJjNIMDPRzWlErKbfkDrFZehvhhoU9ymjDi8VuJcpiWDNV3Ou5wLcVuOWGNfNV9zABgiceGbu5245rGvuTaG8oaA63MMJTz9P0biH1RFoMzBwyC5veLhvwFk7QfVlk4gzbWgcx6G3Vc6eXPVZ6-i4Rlms9QdS-dwM8uZ4djdWTclt-60x7PZZt4s0PFvtHYUWSQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://my.stonex.com/ HTTP 301
https://my.stonex.com/ HTTP 301
https://my.stonex.com/s/ HTTP 301
https://my.stonex.com/s/?language=en_US

Request Chain 3

https://micms.intlfcstone.com/articles-external-stylesheet.css?v=10022020 HTTP 301
https://micms.stonex.com/articles-external-stylesheet.css?v=10022020

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
my.stonex.com/s/
Redirect Chain

http://my.stonex.com/
https://my.stonex.com/
https://my.stonex.com/s/
https://my.stonex.com/s/?language=en_US

143 KB
35 KB

327ms
327ms

Document
text/html

160.8.1.253
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://my.stonex.com/s/?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.1.253 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

53106a13975bcef1382b6a890aac38a1eb1c8ab244f3191ad9585940da49a3ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Encoding: gzip
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html;charset=UTF-8
Date: Mon, 09 May 2022 08:43:46 GMT
Expires: Sun, 09 May 2021 08:43:46 GMT
Last-Modified: Sun, 09 May 2021 08:43:46 GMT
Link: </s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-2.5.13-236.5-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22PAjEh9HEIZmsDpK-Y8SVTg%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%221730203071%22%7D/app.js>;rel=preload;as=script;nopush
Referrer-Policy: origin-when-cross-origin
Server-Timing: Total;dur=121
Strict-Transport-Security: max-age=63072000; includeSubDomains
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Vary: Origin, Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Security-Policy: upgrade-insecure-requests
Date: Mon, 09 May 2022 08:43:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://my.stonex.com/s/?language=en_US
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK aura_prod.js Show response
my.stonex.com/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/ 756 KB
239 KB 133ms
45ms Script
text/javascript 160.8.1.253
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://my.stonex.com/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.1.253 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

16ea004407145077ab31e3c5aa44176e12bfd3a124a554ac28fdb0c26180f8a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://my.stonex.com/s/?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 06:52:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 6700
Server-Timing: Total;dur=21
Content-Length: 244117
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Sun, 08 May 2022 06:52:08 GMT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server-Timing
Cache-Control: max-age=31536000,public,immutable
Timing-Allow-Origin: *

GET
H/1.1 200
OK app.js Show response
my.stonex.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-2.5.13-236.5-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%... 2 MB
448 KB 484ms
395ms Script
text/javascript 160.8.1.253
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://my.stonex.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-2.5.13-236.5-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22PAjEh9HEIZmsDpK-Y8SVTg%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%221730203071%22%7D/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.1.253 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

5c15e0865e000559c8870b938c252322ddc6e1bb95b71ec52ff8e330f905dda1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://my.stonex.com/s/?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 08:43:47 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Sun, 08 May 2022 08:43:47 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000,public,immutable
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H2

200

articles-external-stylesheet.css
micms.stonex.com/
Redirect Chain

https://micms.intlfcstone.com/articles-external-stylesheet.css?v=10022020
https://micms.stonex.com/articles-external-stylesheet.css?v=10022020

49 KB
6 KB

1241ms
133ms

Stylesheet
text/css

52.254.21.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://micms.stonex.com/articles-external-stylesheet.css?v=10022020

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/?language=en_US

Protocol

Server

52.254.21.34 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

66bc89edd5273298a0e31ffbff8f356aee2434ba0af16641834e7d2ff5328d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://my.stonex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 08:43:49 GMT
via: 1.1 varnish (Varnish/6.5)
content-type: text/css
last-modified: Mon, 02 May 2022 23:23:19 GMT
server: nginx/1.19.1
age: 1
etag: W/"627067e7-c4a7"
vary: Accept-Encoding
x-varnish: 234289 234283
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
purge-cache-tags: HIT

Redirect headers

location: https://micms.stonex.com/articles-external-stylesheet.css?v=10022020
date: Mon, 09 May 2022 08:43:48 GMT
server: nginx/1.19.1
content-length: 169
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/html

GET
H/1.1 200
OK fonts.css
my.stonex.com/s/sfsites/runtimedownload/ 28 KB
21 KB 135ms
133ms Stylesheet
text/css 160.8.1.253
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://my.stonex.com/s/sfsites/runtimedownload/fonts.css?lastMod=1623935200000&brandSet=e186c143-b8c2-492c-a2a8-80765f3adbc3

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.1.253 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

608d7e7e582c00238be81142d96a3c692dee2644a40eed9604f4f85ba055d2c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://my.stonex.com/s/?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 08:43:47 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Jun 2021 13:06:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/css; charset=utf-8
Cache-Control: public,max-age=31536000
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Tue, 09 May 2023 08:43:47 GMT

GET
H/1.1 200
OK resources.js Show response
my.stonex.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%222yRFfs4WfGnFrNGn9C_dGg%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsi... 17 KB
5 KB 332ms
244ms Script
text/javascript 160.8.1.253
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.1.253 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

aec38a7ae8a7382fd346391bcbf0fcdb5cbc4693fcb6e5ada81351cb5e3f77be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://my.stonex.com/s/?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 08:43:47 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Sun, 08 May 2022 08:43:47 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000,private,immutable
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.js Show response
my.stonex.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%222yRFfs4WfGnFrNGn9C_dGg%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsi... 634 KB
125 KB 500ms
412ms Script
text/javascript 160.8.1.253
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://my.stonex.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%222yRFfs4WfGnFrNGn9C_dGg%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22PAjEh9HEIZmsDpK-Y8SVTg%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%229P7x07aHbV-yyypFaEYZDw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%221730203071%22%7D/bootstrap.js?aura.attributes=%7B%22schema%22%3A%22Published%22%2C%22brandingSetId%22%3A%22e186c143-b8c2-492c-a2a8-80765f3adbc3%22%2C%22authenticated%22%3A%22false%22%2C%22ac%22%3A%22%22%2C%22formFactor%22%3A%22LARGE%22%2C%22publishedChangelistNum%22%3A%2287%22%2C%22viewType%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22AFxJq08iDtBp0Q4j8fvNqTqM6PS8N8%22%2C%22language%22%3A%22en_US%22%2C%22isHybrid%22%3A%22false%22%2C%22pageId%22%3A%220f538ebc-559e-4a7f-bff4-209e25d113c2%22%7D

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.1.253 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

34549621cfee38ceed6b94f1a5ac751610a870cd0197bab8d4dbac58d8ee8250

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://my.stonex.com/s/?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 08:43:47 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Sun, 08 May 2022 08:43:47 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=900,public
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 407 B
823 B 181ms
63ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Crimson+Text:wght@600&display=swap

Requested by

Host: micms.stonex.com
URL: https://micms.stonex.com/articles-external-stylesheet.css?v=10022020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b2c0614c8d4478e35c62e7bb062db5bd5cf1427075ea6cd0c4c6d678b1f5724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://micms.stonex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 May 2022 08:43:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 09 May 2022 08:43:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 May 2022 08:43:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
584 B 182ms
65ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish&display=swap

Requested by

Host: micms.stonex.com
URL: https://micms.stonex.com/articles-external-stylesheet.css?v=10022020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55cabe78897bf35e5a842d2055fc15000d966d5837d96b6be6f865ea369d01b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://micms.stonex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 May 2022 08:43:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 09 May 2022 08:43:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 May 2022 08:43:49 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
582 B 181ms
64ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Mulish:wght@600&display=swap

Requested by

Host: micms.stonex.com
URL: https://micms.stonex.com/articles-external-stylesheet.css?v=10022020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c4d29635ba36e4489d732ebf43de5f8644318a49eb9b7b26db9040a24988b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://micms.stonex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 May 2022 08:43:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 09 May 2022 08:43:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 May 2022 08:43:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
622 B 187ms
70ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Host: micms.stonex.com
URL: https://micms.stonex.com/articles-external-stylesheet.css?v=10022020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://micms.stonex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 May 2022 07:08:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 09 May 2022 08:43:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 May 2022 08:43:49 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 222ms
54ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host:
URL: twttrmarkup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67AA) /
Resource Hash: 2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://my.stonex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 08:43:50 GMT
Content-Encoding: gzip
Age: 1011
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 29461
x-tw-cdn: VZ
Last-Modified: Wed, 13 Apr 2022 12:38:34 GMT
Server: ECS (frb/67AA)
Etag: "f1369725ba22125b0df0251e74090aa0+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H/1.1 200
OK app.css
my.stonex.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22PAjEh9HEIZmsDp... 973 KB
121 KB 193ms
193ms Stylesheet
text/css 160.8.1.253
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://my.stonex.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22PAjEh9HEIZmsDpK-Y8SVTg%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fsiteforce%3AserializedTokens%22%2C%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityTokens%22%2C%22markup%3A%2F%2Fforce%3AformFactorLarge%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityFormFactorLarge%22%2C%22markup%3A%2F%2Fsiteforce%3AauraDynamicTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AsldsFontOverride%22%5D%2C%22tuid%22%3A%22rdYR4jPbSopjdaC7Ixl9mw%22%2C%22cuid%22%3A401803237%7D%2C%22pathPrefix%22%3A%22%22%7D/app.css?aura.attributes=%7B%22schema%22%3A%22Published%22%2C%22brandingSetId%22%3A%22e186c143-b8c2-492c-a2a8-80765f3adbc3%22%2C%22authenticated%22%3A%22false%22%2C%22ac%22%3A%22%22%2C%22formFactor%22%3A%22LARGE%22%2C%22publishedChangelistNum%22%3A%2287%22%2C%22viewType%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22AFxJq08iDtBp0Q4j8fvNqTqM6PS8N8%22%2C%22language%22%3A%22en_US%22%2C%22isHybrid%22%3A%22false%22%2C%22pageId%22%3A%220f538ebc-559e-4a7f-bff4-209e25d113c2%22%7D&2

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.1.253 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

d65f9018b0f7a9ed1231831496321b55b3159e6d1220f6a80f8a2066e2c828ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://my.stonex.com/s/?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 08:43:49 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Sun, 08 May 2022 08:43:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/css;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000,public,immutable
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK aura Show response
my.stonex.com/s/sfsites/ 98 KB
20 KB 205ms
205ms XHR
application/json 160.8.1.253
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://my.stonex.com/s/sfsites/aura?message=%7B%22actions%22%3A%5B%7B%22descriptor%22%3A%22serviceComponent%3A%2F%2Fui.comm.runtime.components.aura.components.siteforce.controller.PubliclyCacheableComponentLoaderController%2FACTION%24getPageComponent%22%2C%22callingDescriptor%22%3A%22UNKNOWN%22%2C%22params%22%3A%7B%22attributes%22%3A%7B%22viewId%22%3A%225fc075de-10f5-4045-bea7-153859d5f5e2%22%2C%22routeType%22%3A%22home%22%2C%22themeLayoutType%22%3A%22AFxJq08iDtBp0Q4j8fvNqTqM6PS8N8%22%2C%22params%22%3A%7B%22language%22%3A%22%22%2C%22viewid%22%3A%2277b9703f-45ea-497b-aec7-0c07f6d6e456%22%2C%22view_uddid%22%3A%22%22%2C%22entity_name%22%3A%22%22%2C%22audience_name%22%3A%22%22%2C%22picasso_id%22%3A%22%22%2C%22routeId%22%3A%22%22%7D%2C%22hasAttrVaringCmps%22%3Afalse%2C%22pageLoadType%22%3A%22STANDARD_PAGE_CONTENT%22%2C%22includeLayout%22%3Atrue%7D%2C%22publishedChangelistNum%22%3A87%2C%22brandingSetId%22%3A%22e186c143-b8c2-492c-a2a8-80765f3adbc3%22%7D%7D%5D%7D&aura.context=%7B%22mode%22%3A%22PROD%22%2C%22fwuid%22%3A%222yRFfs4WfGnFrNGn9C_dGg%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22PAjEh9HEIZmsDpK-Y8SVTg%22%7D%2C%22apck%22%3A%229P7x07aHbV-yyypFaEYZDw%22%2C%22uad%22%3Afalse%7D&aura.isAction=true

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.1.253 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

f24b9d68b5c1ea291b4e2c31349983597620c7b938618e593a7dcc4a3e38b15d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.stonex.com/s/?language=en_US
accept-language: en-GB,en;q=0.9
X-SFDC-Page-Scope-Id: 4d713849-d4bf-4ffe-a3ec-cc21f2ab75d2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 08:43:50 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Sun, 08 May 2022 08:43:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1800,public
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Sun, 09 May 2021 08:43:50 GMT

GET
H2 200 icon
fonts.googleapis.com/ 1 KB
535 B 64ms
64ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

770c358f45bcd0d497152ea7d7a6b05726cd6e97c2af8b45750a9f46bb05f754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://my.stonex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 May 2022 08:43:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 09 May 2022 08:43:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 May 2022 08:43:50 GMT

GET
H/1.1 200
OK mercuryGlobal.css
my.stonex.com/resource/1632261772000/mercuryGlobalCSS/ 11 KB
3 KB 155ms
155ms Stylesheet
text/css 160.8.1.253
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://my.stonex.com/resource/1632261772000/mercuryGlobalCSS/mercuryGlobal.css

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.1.253 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

f25755c00b945539dc19c7fa142007622adfe3a24372dfb7cf353ae78f70f6f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://my.stonex.com/s/?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 08:43:50 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 21 Sep 2021 22:02:52 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/css
Vary: Accept-Encoding
Content-Length: 2238
X-XSS-Protection: 1; mode=block
Expires: Thu, 23 Jun 2022 08:43:50 GMT

GET
H/1.1 200
OK mercuryOverrideCSS.css
my.stonex.com/resource/1560466176000/mercuryOverrideCSS/ 3 KB
1 KB 45ms
45ms Stylesheet
text/css 160.8.1.253
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://my.stonex.com/resource/1560466176000/mercuryOverrideCSS/mercuryOverrideCSS.css

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.1.253 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

9b9296f4bf40be17ac4cd015ac2a63ecd72dafd680c190ec70d9050b974bd2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://my.stonex.com/s/?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 08:40:04 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 13 Jun 2019 22:49:36 GMT
Age: 226
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/css
Vary: Accept-Encoding
Content-Length: 781
X-XSS-Protection: 1; mode=block
Expires: Thu, 23 Jun 2022 08:40:04 GMT

GET
H/1.1 200
OK mercCommonUtil Show response
my.stonex.com/resource/1613516743000/ 2 KB
1 KB 193ms
193ms XHR
application/javascript 160.8.1.253
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://my.stonex.com/resource/1613516743000/mercCommonUtil

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.1.253 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

6617f32f1df9ae7ee6afcc9043d150ab2728dc65180b9b42df6ca8a08b5a2d73

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://my.stonex.com/s/?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 08:43:50 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 16 Feb 2021 23:05:43 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/javascript
Vary: Accept-Encoding
Content-Length: 775
X-XSS-Protection: 1; mode=block
Expires: Thu, 23 Jun 2022 08:43:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 169ms
53ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://my.stonex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4140
date: Mon, 09 May 2022 07:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 09 May 2022 09:34:50 GMT

GET
H/1.1 200
OK StoneX_Logo.svg
my.stonex.com/resource/1628805750000/intl_assets/ 3 KB
2 KB 45ms
44ms Image
image/svg+xml 160.8.1.253
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.stonex.com/resource/1628805750000/intl_assets/StoneX_Logo.svg

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.1.253 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

15167f60d9c85115efe704b6abd048178d5a05d6395a2eec66c93ccd4786b4f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://my.stonex.com/s/?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 08:37:06 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 12 Aug 2021 22:02:30 GMT
Age: 404
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/svg+xml
Vary: Accept-Encoding
Content-Length: 1437
X-XSS-Protection: 1; mode=block
Expires: Thu, 23 Jun 2022 08:37:06 GMT

GET
H/1.1 200
OK StoneX_Logo_Mobile.svg
my.stonex.com/resource/1628805750000/intl_assets/ 3 KB
2 KB 136ms
136ms Image
image/svg+xml 160.8.1.253
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.stonex.com/resource/1628805750000/intl_assets/StoneX_Logo_Mobile.svg

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.1.253 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

3a89dd3a7e8278f817c13c087aad5f3e07e564148bfc2c797cb1d7908486c757

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://my.stonex.com/s/?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 08:43:50 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 12 Aug 2021 22:02:30 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/svg+xml
Vary: Accept-Encoding
Content-Length: 1289
X-XSS-Protection: 1; mode=block
Expires: Thu, 23 Jun 2022 08:43:50 GMT

GET
H/1.1 200
OK StoneX_Color_Ribbon.png
my.stonex.com/resource/1628805750000/intl_assets/ 626 B
1 KB 180ms
139ms Image
image/png 160.8.1.253
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.stonex.com/resource/1628805750000/intl_assets/StoneX_Color_Ribbon.png

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.1.253 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

c64b61ae312f0bac16630862c43fdc4ed26bb6abcfc9b3530d46d7adaf7d7ddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://my.stonex.com/s/?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 08:43:50 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 12 Aug 2021 22:02:30 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Content-Length: 626
X-XSS-Protection: 1; mode=block
Expires: Thu, 23 Jun 2022 08:43:50 GMT

GET
H/1.1 200
OK Roboto-Regular.woff2
my.stonex.com/s/sfsites/c/resource/fonts/ 64 KB
65 KB 69ms
44ms Font
application/octet-stream 160.8.1.253
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://my.stonex.com/s/sfsites/c/resource/fonts/Roboto-Regular.woff2

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.1.253 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.stonex.com/s/?language=en_US
Origin: https://my.stonex.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 08:28:32 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 15 Apr 2019 16:08:44 GMT
Age: 918
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/octet-stream
Content-Length: 65916
X-XSS-Protection: 1; mode=block
Expires: Thu, 23 Jun 2022 08:28:32 GMT

POST
H/1.1 200
OK aura Show response
my.stonex.com/s/sfsites/ 111 KB
32 KB 233ms
176ms XHR
application/json 160.8.1.253
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://my.stonex.com/s/sfsites/aura?r=1&aura.Component.getComponent=1&ui-force-components-controllers-hostConfig.HostConfig.getConfigData=1

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.1.253 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

59a84dc03f2a87f67ac3f9187fba5fece7317210952aebab91de3fee63c60c8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.stonex.com/s/?language=en_US
X-SFDC-Page-Cache: edb90b9c330059c7
accept-language: en-GB,en;q=0.9
X-SFDC-Page-Scope-Id: 4d713849-d4bf-4ffe-a3ec-cc21f2ab75d2
X-SFDC-Request-Id: 4244000000e105f502
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 09 May 2022 08:43:50 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Sun, 09 May 2021 08:43:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=40
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Sun, 09 May 2021 08:43:50 GMT

GET
H/1.1 200
OK widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html Show response
platform.twitter.com/widgets/ Frame A8EF 319 KB
104 KB 54ms
54ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fmy.stonex.com
Requested by: Host: my.stonex.com
URL: https://my.stonex.com/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C1) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer: https://my.stonex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 400219
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Mon, 09 May 2022 08:43:50 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 13 Apr 2022 12:15:11 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67C1)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

POST
H/1.1 200
OK aura
my.stonex.com/s/sfsites/ 1 KB
1 KB 189ms
189ms XHR
application/json 160.8.1.253
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://my.stonex.com/s/sfsites/aura?r=2&other.merc_ProviderCommonCtrl.getUserDetails=1

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.1.253 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.stonex.com/s/?language=en_US
X-SFDC-Page-Cache: edb90b9c330059c7
accept-language: en-GB,en;q=0.9
X-SFDC-Page-Scope-Id: 4d713849-d4bf-4ffe-a3ec-cc21f2ab75d2
X-SFDC-Request-Id: 4373500000afea3c7d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 09 May 2022 08:43:50 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Sun, 09 May 2021 08:43:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=59
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Sun, 09 May 2021 08:43:50 GMT

GET
H/1.1 200
OK intro-loader.gif
my.stonex.com/resource/1628805750000/intl_assets/ 77 KB
78 KB 45ms
44ms Image
image/gif 160.8.1.253
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.stonex.com/resource/1628805750000/intl_assets/intro-loader.gif

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.1.253 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

4bef79426b1e809dfe59c68db29146c3a0e266bee4e1cf3be941cf2479ce993c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://my.stonex.com/s/?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 06:41:38 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 12 Aug 2021 22:02:30 GMT
Age: 7332
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/gif
Content-Length: 79172
X-XSS-Protection: 1; mode=block
Expires: Thu, 23 Jun 2022 06:41:38 GMT

GET
H2 200 settings
syndication.twitter.com/ Frame A8EF 120 B
407 B 246ms
147ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=cc64a812978d878c970c99d64968a28eafb52857

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fmy.stonex.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time: 104
date: Mon, 09 May 2022 08:43:50 GMT
content-encoding: gzip
last-modified: Mon, 09 May 2022 08:43:50 GMT
server: tsa_f
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 40754d933e0908eafdf2f40c65c7d6ca769061475452072e63dd1ed551b3f131
content-length: 126

POST
H3 200 collect
www.google-analytics.com/j/ 4 B
24 B 169ms
61ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=113744869&t=pageview&_s=1&dl=https%3A%2F%2Fmy.stonex.com%2Fs%2F%3Flanguage%3Den_US&dp=%2Fs%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=184319603&gjid=293100858&cid=1337383923.1652085830&uid=0050h00000EBrbI&tid=UA-135190328-1&_gid=1004060648.1652085830&_r=1&_slc=1&z=1798146030

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.stonex.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 09 May 2022 08:43:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.stonex.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Primary Request authorize Show response
auth.stonex.com/oauth2/ausc0uj2v6KKUirNz696/v1/
Redirect Chain

https://my.stonex.com/services/auth/sso/OktaOIDC
https://auth.stonex.com/oauth2/ausc0uj2v6KKUirNz696/v1/authorize?client_id=0oau7683tvZZ9u54R696&redirect_uri=https%3A%2F%2Fmy.stonex.com%2Fservices%2Fauthcallback%2FOktaOIDC&response_type=code&scop...

16 KB
7 KB

988ms
502ms

Document
text/html

35.81.67.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.stonex.com/oauth2/ausc0uj2v6KKUirNz696/v1/authorize?client_id=0oau7683tvZZ9u54R696&redirect_uri=https%3A%2F%2Fmy.stonex.com%2Fservices%2Fauthcallback%2FOktaOIDC&response_type=code&scope=email+profile+openid+Identity.Api+offline_access+pilot_assignments&state=CAAAAYCoCu98MDAwMDAwMDAwMDAwMDAwAAAA7H4oPIEj2LIWEK6wXYnrSvqL-OgEFRgTyjZ8K4Iz-EJjNIMDPRzWlErKbfkDrFZehvhhoU9ymjDi8VuJcpiWDNV3Ou5wLcVuOWGNfNV9zABgiceGbu5245rGvuTaG8oaA63MMJTz9P0biH1RFoMzBwyC5veLhvwFk7QfVlk4gzbWgcx6G3Vc6eXPVZ6-i4Rlms9QdS-dwM8uZ4djdWTclt-60x7PZZt4s0PFvtHYUWSQ

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.81.67.0 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-81-67-0.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

600762293b40febca6588a7477977febb9980d0656ee157df3ba4c986ad4aa6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://my.stonex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 09 May 2022 08:43:51 GMT
Keep-Alive: timeout=5, max=100
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Robots-Tag: noindex,nofollow
cache-control: no-cache, no-store
content-language: en
expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
expires: 0
p3p: CP="HONK"
pragma: no-cache
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-okta-request-id: YnjURz0c4efxnRwjOFKYEgAAASs
x-rate-limit-limit: 60
x-rate-limit-remaining: 59
x-rate-limit-reset: 1652085891
x-ua-compatible: IE=edge
x-xss-protection: 0

Redirect headers

Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Security-Policy: upgrade-insecure-requests
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data: blob: file:; frame-ancestors 'self' *.salesforce.com *.force.com *.visualforce.com *.documentforce.com; font-src https: data: blob: file:; connect-src 'self' https:; report-uri https://csp-report.force.com/_/ContentDomainCSPNoAuth?type=communities
Date: Mon, 09 May 2022 08:43:50 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://auth.stonex.com/oauth2/ausc0uj2v6KKUirNz696/v1/authorize?client_id=0oau7683tvZZ9u54R696&redirect_uri=https%3A%2F%2Fmy.stonex.com%2Fservices%2Fauthcallback%2FOktaOIDC&response_type=code&scope=email+profile+openid+Identity.Api+offline_access+pilot_assignments&state=CAAAAYCoCu98MDAwMDAwMDAwMDAwMDAwAAAA7H4oPIEj2LIWEK6wXYnrSvqL-OgEFRgTyjZ8K4Iz-EJjNIMDPRzWlErKbfkDrFZehvhhoU9ymjDi8VuJcpiWDNV3Ou5wLcVuOWGNfNV9zABgiceGbu5245rGvuTaG8oaA63MMJTz9P0biH1RFoMzBwyC5veLhvwFk7QfVlk4gzbWgcx6G3Vc6eXPVZ6-i4Rlms9QdS-dwM8uZ4djdWTclt-60x7PZZt4s0PFvtHYUWSQ
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

POST
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
440 B 167ms
55ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-135190328-1&cid=1337383923.1652085830&jid=184319603&uid=0050h00000EBrbI&gjid=293100858&_gid=1004060648.1652085830&_u=YEBAAEAAAAAAAC~&z=1353715350

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.stonex.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 09 May 2022 08:43:50 GMT
content-type: text/plain
access-control-allow-origin: https://my.stonex.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK aura
my.stonex.com/s/sfsites/ 2 KB
1 KB 359ms
359ms XHR
application/json 160.8.1.253
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://my.stonex.com/s/sfsites/aura?r=3&ui-instrumentation-components-beacon.InstrumentationBeacon.sendData=1

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.1.253 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.stonex.com/s/?language=en_US
X-SFDC-Page-Cache: edb90b9c330059c7
accept-language: en-GB,en;q=0.9
X-SFDC-Page-Scope-Id: 4d713849-d4bf-4ffe-a3ec-cc21f2ab75d2
X-SFDC-Request-Id: 4612590000eae41b4f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 09 May 2022 08:43:50 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Sun, 09 May 2021 08:43:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=184
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Sun, 09 May 2021 08:43:50 GMT

POST
H/1.1 200
OK aura
my.stonex.com/s/sfsites/ 1 KB
1 KB 144ms
144ms XHR
application/json 160.8.1.253
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://my.stonex.com/s/sfsites/aura?r=4&ui-comm-runtime-components-aura-components-siteforce-network-tracking.NetworkTracking.createLogRecord=1

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.1.253 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.stonex.com/s/?language=en_US
X-SFDC-Page-Cache: edb90b9c330059c7
accept-language: en-GB,en;q=0.9
X-SFDC-Page-Scope-Id: 4d713849-d4bf-4ffe-a3ec-cc21f2ab75d2
X-SFDC-Request-Id: 46158900002e67c7cb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 09 May 2022 08:43:50 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Sun, 09 May 2021 08:43:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=14
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Sun, 09 May 2021 08:43:50 GMT

POST
H/1.1 200
OK aura
my.stonex.com/s/sfsites/ 1 KB
1 KB 153ms
153ms XHR
application/json 160.8.1.253
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://my.stonex.com/s/sfsites/aura?r=5&ui-comm-runtime-components-aura-components-siteforce-qb.Quarterback.getAllowedPostMessageOrigins=1

Requested by

Host: my.stonex.com
URL: https://my.stonex.com/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

160.8.1.253 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.stonex.com/s/?language=en_US
accept-language: en-GB,en;q=0.9
X-SFDC-Page-Scope-Id: 4d713849-d4bf-4ffe-a3ec-cc21f2ab75d2
X-SFDC-Request-Id: 46405000009513fca2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 09 May 2022 08:43:50 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Sun, 09 May 2021 08:43:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=21
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Sun, 09 May 2021 08:43:50 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 195ms
78ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-135190328-1&cid=1337383923.1652085830&jid=184319603&_u=YEBAAEAAAAAAAC~&z=1285528346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://my.stonex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 May 2022 08:43:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 195ms
79ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-135190328-1&cid=1337383923.1652085830&jid=184319603&_u=YEBAAEAAAAAAAC~&z=1285528346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://my.stonex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 May 2022 08:43:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST auraAnalytics
my.stonex.com/s/sfsites/ 0
0

GET
H2 200 okta-sign-in.min.js Show response
ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.2.1/js/ 2 MB
489 KB 254ms
115ms Script
application/javascript 143.204.98.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.2.1/js/okta-sign-in.min.js

Requested by

Host: auth.stonex.com
URL: https://auth.stonex.com/oauth2/ausc0uj2v6KKUirNz696/v1/authorize?client_id=0oau7683tvZZ9u54R696&redirect_uri=https%3A%2F%2Fmy.stonex.com%2Fservices%2Fauthcallback%2FOktaOIDC&response_type=code&scope=email+profile+openid+Identity.Api+offline_access+pilot_assignments&state=CAAAAYCoCu98MDAwMDAwMDAwMDAwMDAwAAAA7H4oPIEj2LIWEK6wXYnrSvqL-OgEFRgTyjZ8K4Iz-EJjNIMDPRzWlErKbfkDrFZehvhhoU9ymjDi8VuJcpiWDNV3Ou5wLcVuOWGNfNV9zABgiceGbu5245rGvuTaG8oaA63MMJTz9P0biH1RFoMzBwyC5veLhvwFk7QfVlk4gzbWgcx6G3Vc6eXPVZ6-i4Rlms9QdS-dwM8uZ4djdWTclt-60x7PZZt4s0PFvtHYUWSQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-55.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

10a6554760fdeb9f6891370ad7623d3c91e5ed4b92030ca4401defb9920c6d25

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:18:06 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 469545
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 03 May 2022 21:56:57 GMT
server: nginx
etag: W/"d3563f7e38a462067354936cbad96054"
strict-transport-security: max-age=315360000; includeSubDomains
content-type: application/javascript
via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 5ecipEhk0Gt37YcbHAk4mAEBlJAHFcfi5aTDf-EJ2sqN1MvC97HImA==
expires: Wed, 03 May 2023 22:18:06 GMT

GET
H2 200 okta-sign-in.min.css
ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.2.1/css/ 212 KB
37 KB 202ms
64ms Stylesheet
text/css 143.204.98.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.2.1/css/okta-sign-in.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-55.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

3011ac37db3ab52f05a02c13e9b3754c8b784fec9b781193cff3376cb5aa9428

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:18:06 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 469545
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 03 May 2022 21:56:47 GMT
server: nginx
etag: W/"0ffd19609b5a83eeff9b42393d585140"
strict-transport-security: max-age=315360000; includeSubDomains
content-type: text/css
via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: KufFo7bpd4_v2i5pAenDTJIssQJxsR_gQbB5qXpfhb2eLC4lDFDnYA==
expires: Wed, 03 May 2023 22:18:06 GMT

GET
H2 200 loginpage-theme.6ca7f7a516a56275837982a82a0a7533.css
ok14static.oktacdn.com/assets/loginpage/css/ 3 KB
2 KB 252ms
113ms Stylesheet
text/css 143.204.98.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok14static.oktacdn.com/assets/loginpage/css/loginpage-theme.6ca7f7a516a56275837982a82a0a7533.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-55.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

275808002d37771e00fc126cd4c7ffd593c773c4cf7aebf81a2192292917455c

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
etag: W/"6ca7f7a516a56275837982a82a0a7533"
age: 810573
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 22 Mar 2022 20:43:24 GMT
server: nginx
date: Fri, 29 Apr 2022 23:34:18 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 1B_q7GlJpg9wGE7ah84pQrae4VF5HsgBAx6MPQGDbDjeNfPG3x_8Ng==
expires: Sat, 29 Apr 2023 23:34:18 GMT

GET
H/1.1 200
OK style-sheet
auth.stonex.com/api/internal/brand/theme/ 556 B
1 KB 225ms
225ms Stylesheet
text/css 35.81.67.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.stonex.com/api/internal/brand/theme/style-sheet?touch-point=SIGN_IN_PAGE&v=28d025743b8fc0765a7cfe4c08fdf2a9

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.81.67.0 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-81-67-0.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9af30b5e4695010f9be253f861784e638c81274ca0390214629886029ca9b509

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-okta-request-id: YnjURz0c4efxnRwjOFKYFAAAASs
Date: Mon, 09 May 2022 08:43:51 GMT
Content-Encoding: gzip
x-rate-limit-limit: 2400
x-rate-limit-remaining: 2397
content-security-policy-report-only: frame-ancestors 'self'
p3p: CP="HONK"
Connection: Keep-Alive
Vary: Accept-Encoding
x-xss-protection: 0
Server: nginx
expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
Strict-Transport-Security: max-age=315360000; includeSubDomains
Content-Type: text/css
cache-control: max-age=31536000, must-revalidate
Transfer-Encoding: chunked
x-rate-limit-reset: 1652085890
Keep-Alive: timeout=5, max=99
x-content-type-options: nosniff
expires: Tue, 09 May 2023 08:43:51 GMT

GET
H2 200 initLoginPage.pack.a6e92cf2329003c0eb0102ac64ef5f1d.js Show response
ok14static.oktacdn.com/assets/js/mvc/loginpage/ 204 KB
76 KB 178ms
57ms Script
application/javascript 143.204.98.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok14static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.a6e92cf2329003c0eb0102ac64ef5f1d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-55.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ac376323e65d78aab60feb0f3bf2e0988d02e16eebe7ff0bc1d92086d2f173b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer
Origin: https://auth.stonex.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
etag: W/"a6e92cf2329003c0eb0102ac64ef5f1d"
age: 640070
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 22 Mar 2022 20:43:37 GMT
server: nginx
date: Sun, 01 May 2022 22:56:02 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: TGDIY-kJ3BO8hfu08lFhnKtOTR8UjqwLHJh27INBl8MhF5IInEMYpA==
expires: Mon, 01 May 2023 22:56:02 GMT

GET
H2 200 fs01quck8WSCQbZk8696
ok14static.oktacdn.com/fs/bco/7/ 1 MB
2 MB 61ms
61ms Image
image/jpeg 143.204.98.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok14static.oktacdn.com/fs/bco/7/fs01quck8WSCQbZk8696

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-55.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f6e222de2e6eb37d2933c29e3f6c875e3810ae3bca1f5f8fba14eb602d6f84da

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://auth.stonex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:16:53 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
age: 1646819
x-cache: Hit from cloudfront
content-length: 1572111
last-modified: Wed, 08 Sep 2021 18:30:35 GMT
server: nginx
etag: "dafe50de969bc02bbb769c5ccf1f4ce1"
strict-transport-security: max-age=315360000; includeSubDomains
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: jw3J0Xk1BQnWZZiTJNXtVlg4-gATsrIhz-agQolwWgtV0ay_1Ue-Sg==
expires: Thu, 20 Apr 2023 07:16:53 GMT

GET
H/1.1 200
OK iframe.html Show response
login.okta.com/discovery/ Frame 4251 546 B
986 B 177ms
51ms Document
text/html 13.226.132.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.okta.com/discovery/iframe.html
Requested by: Host: ok14static.oktacdn.com
URL: https://ok14static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.a6e92cf2329003c0eb0102ac64ef5f1d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-37.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c71558cf94e0875c93b552d52dd5974ae4697ba14e5a8d7c3694247a291ca9b8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Age: 31269
Connection: keep-alive
Content-Length: 546
Content-Type: text/html
Date: Mon, 09 May 2022 00:02:44 GMT
ETag: "718a4c5e710186377bad84fea3c1ebec"
Last-Modified: Thu, 13 Jan 2022 19:10:54 GMT
Server: AmazonS3
Via: 1.1 0406d08716a9781a5c19ff86db2debd2.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 0yT5MNJzxfFJDlf1kyYeeC-zNLdY5Cz-HCE1ssm86wMtfC-i9cN7Tw==
X-Amz-Cf-Pop: DUS51-C1
X-Cache: Hit from cloudfront

GET
H2 200 fs01qu8tj4xNDyBf6696
ok14static.oktacdn.com/fs/bco/1/ 5 KB
5 KB 63ms
63ms Image
image/png 143.204.98.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok14static.oktacdn.com/fs/bco/1/fs01qu8tj4xNDyBf6696

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-55.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

76a73fc7561c42455cb3294afd6d82e2d7866c2c3152376b23087a1c39a53eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 07:16:53 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
age: 1646819
x-cache: Hit from cloudfront
content-length: 4790
last-modified: Wed, 08 Sep 2021 18:30:50 GMT
server: nginx
etag: "35112addf2e91b6494076766a5f8ec56"
strict-transport-security: max-age=315360000; includeSubDomains
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: Qf_WjRoA3ZAB7GZvfmF5ZslITDcTgbNp5UNOTn25bz927JI5N4UX4Q==
expires: Thu, 20 Apr 2023 07:16:53 GMT

POST
H/1.1 200
OK introspect Show response
auth.stonex.com/api/v1/authn/ 1 KB
2 KB 257ms
256ms Fetch
application/json 35.81.67.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.stonex.com/api/v1/authn/introspect

Requested by

Host: ok14static.oktacdn.com
URL: https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.2.1/js/okta-sign-in.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.81.67.0 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-81-67-0.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

cecbe73c3801f28662a1cafbb26aa3bb92ec094a6baec37f7c9092faada6d17b

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer
X-Okta-User-Agent-Extended: okta-auth-js/6.0.0 okta-signin-widget-6.2.1
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

x-okta-request-id: YnjUSD0c4efxnRwjOFKYGAAAASs
Date: Mon, 09 May 2022 08:43:52 GMT
Content-Encoding: gzip
x-rate-limit-limit: 600
x-rate-limit-remaining: 597
content-security-policy-report-only: frame-ancestors 'self'
p3p: CP="HONK"
Connection: Keep-Alive
Vary: Accept-Encoding,Origin
x-xss-protection: 0
pragma: no-cache
access-control-allow-headers: Content-Type
Server: nginx
expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
Strict-Transport-Security: max-age=315360000; includeSubDomains
Content-Type: application/json
access-control-allow-origin: https://auth.stonex.com
cache-control: no-cache, no-store
Transfer-Encoding: chunked
x-rate-limit-reset: 1652085890
access-control-allow-credentials: true
Keep-Alive: timeout=5, max=98
x-content-type-options: nosniff
expires: 0

GET
H2 200 default.png
ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.2.1/img/security/ 2 KB
3 KB 58ms
57ms Image
image/png 143.204.98.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.2.1/img/security/default.png

Requested by

Host: ok14static.oktacdn.com
URL: https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.2.1/css/okta-sign-in.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-55.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

da75c3f3ce27c081541dfb59edd7e756fefe054a9e0e976356c4b0d3778bb434

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.2.1/css/okta-sign-in.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:20:38 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
age: 469394
x-cache: Hit from cloudfront
content-length: 1800
last-modified: Tue, 03 May 2022 21:56:57 GMT
server: nginx
etag: "04eeeba5b3538c4524d8e6828ba2c405"
strict-transport-security: max-age=315360000; includeSubDomains
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: GIlgP9Oy1k1Jno5hyEG6zV6GvQ5a8L9xJ1DN3kDDVUSL6Gj2QzZkEw==
expires: Wed, 03 May 2023 22:20:38 GMT

GET
H2 200 montserrat-light-webfont.woff
ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.2.1/font/ 22 KB
22 KB 65ms
65ms Font
application/font-woff 143.204.98.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.2.1/font/montserrat-light-webfont.woff

Requested by

Host: ok14static.oktacdn.com
URL: https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.2.1/css/okta-sign-in.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-55.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.2.1/css/okta-sign-in.min.css
Origin: https://auth.stonex.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:18:07 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
age: 469545
x-cache: Hit from cloudfront
content-length: 22112
last-modified: Tue, 03 May 2022 21:56:48 GMT
server: nginx
etag: "6225f3ca44b83090833064727a09cc95"
strict-transport-security: max-age=315360000; includeSubDomains
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/font-woff
x-amz-cf-id: kmrOOnL3GzZruQ_qUySXyzDl_5Mq9ATtNMauvA4BLc0o4ORNcygb6w==
expires: Wed, 03 May 2023 22:18:07 GMT

GET
H/1.1 200
OK discoveryIframe-82e613074a3700abe11a.min.js Show response
login.okta.com/lib/ Frame 4251 96 KB
96 KB 56ms
56ms Script
application/javascript 13.226.132.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.okta.com/lib/discoveryIframe-82e613074a3700abe11a.min.js
Requested by: Host: login.okta.com
URL: https://login.okta.com/discovery/iframe.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-37.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e899060d294cd2e7db4544c88c031272590fe5f9b72a8334dc42ee1f1868ce6a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.okta.com/discovery/iframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Sun, 08 May 2022 22:39:26 GMT
Via: 1.1 0406d08716a9781a5c19ff86db2debd2.cloudfront.net (CloudFront)
Last-Modified: Thu, 13 Jan 2022 19:10:55 GMT
Server: AmazonS3
Age: 36267
ETag: "70070512d01d6451663d06e41f3a5913"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Content-Length: 97948
X-Amz-Cf-Id: QWyBkgtsZtkxeTOBH5VXbpvGJ-sBZHo1yp_wgEJEcodf7BAd4mnGlw==

GET
H2 200 montserrat-regular-webfont.woff
ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.2.1/font/ 21 KB
22 KB 65ms
65ms Font
application/font-woff 143.204.98.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.2.1/font/montserrat-regular-webfont.woff

Requested by

Host: ok14static.oktacdn.com
URL: https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.2.1/css/okta-sign-in.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-55.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.2.1/css/okta-sign-in.min.css
Origin: https://auth.stonex.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:18:07 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
age: 469544
x-cache: Hit from cloudfront
content-length: 21980
last-modified: Tue, 03 May 2022 21:56:48 GMT
server: nginx
etag: "8f2822b73b5f9c106c6f2e0db820bcbb"
strict-transport-security: max-age=315360000; includeSubDomains
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/font-woff
x-amz-cf-id: 4E6XZNAa8LXOpKZn0v6-TF-Ek1-XU6N0Ljx28LY-8PXJdWsHEgJ1gw==
expires: Wed, 03 May 2023 22:18:07 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: my.stonex.com
URL: https://my.stonex.com/s/sfsites/auraAnalytics

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.my.stonex.com/s	1969-12-31 23:59:59	Name: renderCtx Value: %7B%22pageId%22%3A%220f538ebc-559e-4a7f-bff4-209e25d113c2%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%22e186c143-b8c2-492c-a2a8-80765f3adbc3%22%2C%22audienceIds%22%3A%22%22%7D
my.stonex.com/	1970-01-20 11:40:21	Name: CookieConsentPolicy Value: 0:1
my.stonex.com/	1970-01-20 11:40:21	Name: LSKey-c$CookieConsentPolicy Value: 0:1
.my.stonex.com/	1970-01-20 11:40:21	Name: CookieConsentPolicy Value: 0:0
.my.stonex.com/	1970-01-20 11:40:21	Name: LSKey-c$CookieConsentPolicy Value: 0:0
my.stonex.com/	1970-01-20 02:54:56	Name: force-stream Value: !nyxIEhVPqQZhz+ifEjXdsT8a9cn/UaD+F7WG5lewzO/wapUj/XwhYXfeGFuNChA1bdOkrmnYyvaNwg==
.stonex.com/	1970-01-20 20:25:57	Name: _ga Value: GA1.2.1337383923.1652085830
.stonex.com/	1970-01-20 02:56:12	Name: _gid Value: GA1.2.1004060648.1652085830
.stonex.com/	1970-01-20 02:54:45	Name: _gat Value: 1
my.stonex.com/	1970-01-20 11:40:21	Name: pctrk Value: 4f71fbf4-2d7f-4129-94fb-c06c932eca10
my.stonex.com/	1969-12-31 23:59:59	Name: idccsrf Value: -23657314879461002371652085830619-8390166845558616295
auth.stonex.com/	1969-12-31 23:59:59	Name: t Value: default
auth.stonex.com/	1970-01-20 20:25:57	Name: DT Value: DI0BeS58lwdRO-xO-lqysDHtA
auth.stonex.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 7C320AE6EA905C15BCE74D9D9D50147D
auth.stonex.com/	1970-01-20 02:54:49	Name: oktaStateToken Value: 00dz0YaY4DvmfBw6HLvJJzPX3djrbuIWZh0onTWvQX

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.stonex.com
fonts.googleapis.com
login.okta.com
micms.intlfcstone.com
micms.stonex.com
my.stonex.com
ok14static.oktacdn.com
platform.twitter.com
stats.g.doubleclick.net
syndication.twitter.com
www.google-analytics.com
www.google.com
www.google.de
my.stonex.com
104.244.42.8
13.226.132.37
143.204.98.55
160.8.1.253
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9a
35.81.67.0
52.254.21.34
10a6554760fdeb9f6891370ad7623d3c91e5ed4b92030ca4401defb9920c6d25
15167f60d9c85115efe704b6abd048178d5a05d6395a2eec66c93ccd4786b4f3
16ea004407145077ab31e3c5aa44176e12bfd3a124a554ac28fdb0c26180f8a4
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
275808002d37771e00fc126cd4c7ffd593c773c4cf7aebf81a2192292917455c
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8
3011ac37db3ab52f05a02c13e9b3754c8b784fec9b781193cff3376cb5aa9428
34549621cfee38ceed6b94f1a5ac751610a870cd0197bab8d4dbac58d8ee8250
3a89dd3a7e8278f817c13c087aad5f3e07e564148bfc2c797cb1d7908486c757
4bef79426b1e809dfe59c68db29146c3a0e266bee4e1cf3be941cf2479ce993c
53106a13975bcef1382b6a890aac38a1eb1c8ab244f3191ad9585940da49a3ee
55cabe78897bf35e5a842d2055fc15000d966d5837d96b6be6f865ea369d01b5
59a84dc03f2a87f67ac3f9187fba5fece7317210952aebab91de3fee63c60c8a
5c15e0865e000559c8870b938c252322ddc6e1bb95b71ec52ff8e330f905dda1
5c4d29635ba36e4489d732ebf43de5f8644318a49eb9b7b26db9040a24988b4b
600762293b40febca6588a7477977febb9980d0656ee157df3ba4c986ad4aa6e
608d7e7e582c00238be81142d96a3c692dee2644a40eed9604f4f85ba055d2c9
6617f32f1df9ae7ee6afcc9043d150ab2728dc65180b9b42df6ca8a08b5a2d73
66bc89edd5273298a0e31ffbff8f356aee2434ba0af16641834e7d2ff5328d05
76a73fc7561c42455cb3294afd6d82e2d7866c2c3152376b23087a1c39a53eae
770c358f45bcd0d497152ea7d7a6b05726cd6e97c2af8b45750a9f46bb05f754
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920
9af30b5e4695010f9be253f861784e638c81274ca0390214629886029ca9b509
9b2c0614c8d4478e35c62e7bb062db5bd5cf1427075ea6cd0c4c6d678b1f5724
9b9296f4bf40be17ac4cd015ac2a63ecd72dafd680c190ec70d9050b974bd2ea
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ac376323e65d78aab60feb0f3bf2e0988d02e16eebe7ff0bc1d92086d2f173b3
aec38a7ae8a7382fd346391bcbf0fcdb5cbc4693fcb6e5ada81351cb5e3f77be
c64b61ae312f0bac16630862c43fdc4ed26bb6abcfc9b3530d46d7adaf7d7ddd
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c71558cf94e0875c93b552d52dd5974ae4697ba14e5a8d7c3694247a291ca9b8
cecbe73c3801f28662a1cafbb26aa3bb92ec094a6baec37f7c9092faada6d17b
d65f9018b0f7a9ed1231831496321b55b3159e6d1220f6a80f8a2066e2c828ad
da75c3f3ce27c081541dfb59edd7e756fefe054a9e0e976356c4b0d3778bb434
e899060d294cd2e7db4544c88c031272590fe5f9b72a8334dc42ee1f1868ce6a
f24b9d68b5c1ea291b4e2c31349983597620c7b938618e593a7dcc4a3e38b15d
f25755c00b945539dc19c7fa142007622adfe3a24372dfb7cf353ae78f70f6f2
f6e222de2e6eb37d2933c29e3f6c875e3810ae3bca1f5f8fba14eb602d6f84da
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace

auth.stonex.com Open in urlscan Pro 35.81.67.0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

96 %HTTPS

50 %IPv6

10 Domains

13 Subdomains

13 IPs

4 Countries

3670 kBTransfer

9364 kBSize

15 Cookies

1 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

auth.stonex.com Open in urlscan Pro
35.81.67.0 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

96 %
HTTPS

50 %
IPv6

10
Domains

13
Subdomains

13
IPs

4
Countries

3670 kB
Transfer

9364 kB
Size

15
Cookies

50 HTTP transactions
0 data transactions