urlscan.io logo urlscan.io
SecurityTrails logo

www.gs.de Open in urlscan Pro
2.20.138.11  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.gs.de/
Submission: On September 29 via api from CH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 22 HTTP transactions. The main IP is 2.20.138.11, located in Munich, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.gs.de.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 24th 2021. Valid for: a year.
This is the only time www.gs.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 2.20.138.11 20940 (AKAMAI-ASN1)
8 13.226.145.34 16509 (AMAZON-02)
22 2
Apex Domain
Subdomains		 Transfer
14 gs.de
www.gs.de
1 MB
8 ctfassets.net
images.ctfassets.net
286 KB
22 2
Domain Requested by
14 www.gs.de www.gs.de
8 images.ctfassets.net www.gs.de
22 2

This site contains links to these domains. Also see Links.

Domain
assets.ctfassets.net
classic.gs.de
Subject Issuer Validity Valid
cdn-ak-pipg-1.gs.com
DigiCert SHA2 Extended Validation Server CA		 2021-06-24 -
2022-06-29		 a year crt.sh
images.ctfassets.net
Amazon		 2021-03-19 -
2022-04-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.gs.de/
Frame ID: 3478E8CE20DD57F245BE221AAC763985
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

gs.de - Knock-Outs, Optionsscheine, Faktor-Zertifikate und andere AnlagezertifikateGoldman Sachs Logo

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1508 kB
Transfer

4123 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.gs.de/ 		254 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gs.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.138.11 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-138-11.deploy.static.akamaitechnologies.com
Software
WebServer /
Resource Hash
cf2b3af9bd3e7e50a2ee235870b02bafaf45219b8951af4d35604b6ed44ce4b4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src 'self' *.qualtrics.com; script-src 'self' 'unsafe-inline' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://siteintercept.qualtrics.com https://*.siteintercept.qualtrics.com; img-src 'self' images.ctfassets.net *.siteintercept.qualtrics.com; style-src 'self' 'unsafe-inline'; font-src 'self'; connect-src 'self' https://*.akamaihd.net https://images.ctfassets.net https://siteintercept.qualtrics.com https://*.siteintercept.qualtrics.com wss://www.gs.de; manifest-src 'self'; report-uri /api/8/security/?sentry_key=45bef1e79c1e4d69b1a6531a757d0a7a; frame-ancestors https://www.flatex.de https://www.flatex.at
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.flatex.de
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.gs.de
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
WebServer
content-security-policy
default-src 'none'; frame-src 'self' *.qualtrics.com; script-src 'self' 'unsafe-inline' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://siteintercept.qualtrics.com https://*.siteintercept.qualtrics.com; img-src 'self' images.ctfassets.net *.siteintercept.qualtrics.com; style-src 'self' 'unsafe-inline'; font-src 'self'; connect-src 'self' https://*.akamaihd.net https://images.ctfassets.net https://siteintercept.qualtrics.com https://*.siteintercept.qualtrics.com wss://www.gs.de; manifest-src 'self'; report-uri /api/8/security/?sentry_key=45bef1e79c1e4d69b1a6531a757d0a7a; frame-ancestors https://www.flatex.de https://www.flatex.at
x-dns-prefetch-control
off
x-frame-options
ALLOW-FROM https://www.flatex.de
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
surrogate-control
no-store
x-ua-compatible
IE=edge
content-type
text/html; charset=utf-8
vary
Origin Accept-Encoding
access-control-allow-origin
https://www.gsmarkets.be https://www.gsmarkets.nl https://www.gsmarkets.at https://www.gsmarkets.de https://flatex.gsmarkets.de https://flatex.gsmarkets.at https://www.gs.de https://beta.gsmarkets.nl https://beta.gsmarkets.de https://www.gsmarkets.fr https://www.goldmansachs.com.tr
content-encoding
gzip
expires
Wed, 29 Sep 2021 22:15:38 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Wed, 29 Sep 2021 22:15:38 GMT
set-cookie
t=5Ese9LoGH8qZDfT8WSUXYH7blY3mIhGulVvAX9PEYPkp5zQyquWRc3cq54HcF7awTgpuS9dP9FzvkKhLJNxjkumK4ML4IS1PK6l3iRC1WzUtQC9vFQlYwSjDWTGWRvnsTrho; path=/; expires=Fri, 30 Sep 2022 04:04:48 GMT; samesite=strict; secure; httponly user-id=7d4edfdb-2016-4216-9c6d-ea1c9d7b4a55; path=/; samesite=strict; secure; httponly anon=true; path=/; samesite=strict; secure; httponly ak_bmsc=1D0D785CF5DB4A3A3129B616CC80DFB5~000000000000000000000000000000~YAAQB4oUArD1OZ56AQAA66OgMw0qqeZiY4plPo/ZvJucxQIYvhnSeOhu4bxc9pXVw7nchYFsPv0EWIvjfF3DsUOd1fN/mdsOBQThSbrAW3gdYM/FMUacKm6prfZfn6/90jhTGhyAWUIIxWexSs9Yzr2pm/xB+ROVZGPBX4lW9jkOtKxFGcl0YziAq4iP1yGWvej1sjK+jC30qblXtAzq2Ds+6w3PhaflS6y5kY1rPjTa39Xo8AsV+hnsXcIp3fQvJfj2L0zXsJilgEOOEFKhbPV2Wp/YZ8F53XEWcW0elSB0L0abVimn3GuYnKjQsraG/rXWr7KneCJmsojLrLCSx11x/NqG7YINOX3pgTBLvLwr3N/w5CG8qzhnGb678/3HjKlm5ucyT1o=; Domain=.www.gs.de; Path=/; Expires=Thu, 30 Sep 2021 00:15:36 GMT; Max-Age=7198; HttpOnly
gs_us_user
false
/
www.gs.de/api/8/security/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.gs.de/api/8/security/?sentry_key=45bef1e79c1e4d69b1a6531a757d0a7a
Requested by
Host: www.gs.de
URL: https://www.gs.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.138.11 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-138-11.deploy.static.akamaitechnologies.com
Software
nginx/1.7.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
no-cors
origin
https://www.gs.de
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
report
cookie
t=5Ese9LoGH8qZDfT8WSUXYH7blY3mIhGulVvAX9PEYPkp5zQyquWRc3cq54HcF7awTgpuS9dP9FzvkKhLJNxjkumK4ML4IS1PK6l3iRC1WzUtQC9vFQlYwSjDWTGWRvnsTrho; user-id=7d4edfdb-2016-4216-9c6d-ea1c9d7b4a55; anon=true; ak_bmsc=1D0D785CF5DB4A3A3129B616CC80DFB5~000000000000000000000000000000~YAAQB4oUArD1OZ56AQAA66OgMw0qqeZiY4plPo/ZvJucxQIYvhnSeOhu4bxc9pXVw7nchYFsPv0EWIvjfF3DsUOd1fN/mdsOBQThSbrAW3gdYM/FMUacKm6prfZfn6/90jhTGhyAWUIIxWexSs9Yzr2pm/xB+ROVZGPBX4lW9jkOtKxFGcl0YziAq4iP1yGWvej1sjK+jC30qblXtAzq2Ds+6w3PhaflS6y5kY1rPjTa39Xo8AsV+hnsXcIp3fQvJfj2L0zXsJilgEOOEFKhbPV2Wp/YZ8F53XEWcW0elSB0L0abVimn3GuYnKjQsraG/rXWr7KneCJmsojLrLCSx11x/NqG7YINOX3pgTBLvLwr3N/w5CG8qzhnGb678/3HjKlm5ucyT1o=
content-length
959
:path
/api/8/security/?sentry_key=45bef1e79c1e4d69b1a6531a757d0a7a
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
www.gs.de
referer
https://www.gs.de/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.gs.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/csp-report

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
gs_us_user
false
surrogate-control
no-store
x-dns-prefetch-control
off
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 29 Sep 2021 22:15:38 GMT
server
nginx/1.7.9
x-frame-options
deny
date
Wed, 29 Sep 2021 22:15:38 GMT
x-download-options
noopen
vary
Accept-Language,Cookie
content-language
de
access-control-allow-origin
https://www.gs.de
cache-control
max-age=0, no-cache, no-store
content-security-policy
default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
set-cookie
bm_sv=AD11328754DF039E2D9369772A3A6206~GA75BBSO/yg20gI1jVvIz2DNjWPi9Agj7/btOaiwxQQa3i1q6n6OKg+9/D0sdRQbVlrOBJrHEAa1dMuJx56gpYJzlJHR6fwOfLDn5KOQ9d6o0jCGBJspZ/Q7suhhuuOgCkLC08i31uP3ao4UOqSbg9SFZFIYS40u7fcDbJXaBcQ=; Domain=.www.gs.de; Path=/; Max-Age=7200; HttpOnly
content-type
text/html; charset=utf-8
expires
Wed, 29 Sep 2021 22:15:38 GMT
snowplow.js
www.gs.de/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gs.de/snowplow.js?v=0.8.10.9
Requested by
Host: www.gs.de
URL: https://www.gs.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.138.11 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-138-11.deploy.static.akamaitechnologies.com
Software
WebServer /
Resource Hash
b87cf3a15725a9d1fd803979fecd412d06d247c13e8dc111c8fac1f5c19eb003
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/snowplow.js?v=0.8.10.9
pragma
no-cache
cookie
t=5Ese9LoGH8qZDfT8WSUXYH7blY3mIhGulVvAX9PEYPkp5zQyquWRc3cq54HcF7awTgpuS9dP9FzvkKhLJNxjkumK4ML4IS1PK6l3iRC1WzUtQC9vFQlYwSjDWTGWRvnsTrho; user-id=7d4edfdb-2016-4216-9c6d-ea1c9d7b4a55; anon=true; ak_bmsc=1D0D785CF5DB4A3A3129B616CC80DFB5~000000000000000000000000000000~YAAQB4oUArD1OZ56AQAA66OgMw0qqeZiY4plPo/ZvJucxQIYvhnSeOhu4bxc9pXVw7nchYFsPv0EWIvjfF3DsUOd1fN/mdsOBQThSbrAW3gdYM/FMUacKm6prfZfn6/90jhTGhyAWUIIxWexSs9Yzr2pm/xB+ROVZGPBX4lW9jkOtKxFGcl0YziAq4iP1yGWvej1sjK+jC30qblXtAzq2Ds+6w3PhaflS6y5kY1rPjTa39Xo8AsV+hnsXcIp3fQvJfj2L0zXsJilgEOOEFKhbPV2Wp/YZ8F53XEWcW0elSB0L0abVimn3GuYnKjQsraG/rXWr7KneCJmsojLrLCSx11x/NqG7YINOX3pgTBLvLwr3N/w5CG8qzhnGb678/3HjKlm5ucyT1o=
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gs.de
referer
https://www.gs.de/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gs.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
gs_us_user
false
surrogate-control
no-store
x-dns-prefetch-control
off
vary
Accept-encoding
content-length
29455
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 13 Sep 2021 12:25:14 GMT
server
WebServer
x-frame-options
DENY
date
Wed, 29 Sep 2021 22:15:38 GMT
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
https://www.gsmarkets.be https://www.gsmarkets.nl https://www.gsmarkets.at https://www.gsmarkets.de https://flatex.gsmarkets.de https://flatex.gsmarkets.at https://www.gs.de https://beta.gsmarkets.nl https://beta.gsmarkets.de https://www.gsmarkets.fr https://www.goldmansachs.com.tr
cache-control
max-age=0, no-cache, no-store
etag
"730f-5cbdf8e979e80"
accept-ranges
bytes
expires
Wed, 29 Sep 2021 22:15:38 GMT
iphone_products_with_rewards.jpg
images.ctfassets.net/42ch7ol4g0tf/5Wjw4X7fXB1xEkZ7aCGCjj/61d807f56524cf87d73a2cfaa6ed436c/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/42ch7ol4g0tf/5Wjw4X7fXB1xEkZ7aCGCjj/61d807f56524cf87d73a2cfaa6ed436c/iphone_products_with_rewards.jpg?fm=webp&q=60&w=1000
Requested by
Host: www.gs.de
URL: https://www.gs.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-34.dus51.r.cloudfront.net
Software
Contentful Images API /
Resource Hash
02157e6bd460d76a7acb4ab49da6ca0becf8826075ee8a880566006e87ab742e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gs.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 06:23:30 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
last-modified
Fri, 20 Aug 2021 05:33:01 GMT
server
Contentful Images API
age
57128
etag
"569cb9bccacf4ba96283bfdaf1ce0775"
x-edge-origin-shield-skipped
0
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
content-length
37600
x-amz-cf-id
WCnGY5eZZzS38XYW3KiT5Y0JxE8Jd7R9FNQTTuJfrqcXXc8VBWvYow==
rewards_section.png
images.ctfassets.net/42ch7ol4g0tf/3y0VBKdpx4wwselXHwnJRH/1d279b10675535ece1fbd285a5c52af0/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/42ch7ol4g0tf/3y0VBKdpx4wwselXHwnJRH/1d279b10675535ece1fbd285a5c52af0/rewards_section.png?fm=webp&q=60&w=1000
Requested by
Host: www.gs.de
URL: https://www.gs.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-34.dus51.r.cloudfront.net
Software
Contentful Images API /
Resource Hash
d3a5a797188098a8ed24974425d28f506a6f89b6960a4a4f6403f0480e2756d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gs.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 06:24:01 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
last-modified
Mon, 20 Sep 2021 04:58:13 GMT
server
Contentful Images API
age
57097
etag
"f29dc20e807e8d9d2ab4fe74720adaa6"
x-edge-origin-shield-skipped
0
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
content-length
7980
x-amz-cf-id
zzLfoOd2ld6Mh1GYZzuSfD0JvhRaC9wIFCorVntavr8LSgVvDmnGtA==
home_know_how_DE.jpg.png
images.ctfassets.net/42ch7ol4g0tf/4u15hGUllIkmolE5Ui3HMl/af0f8f8e8f8cbcf7411615eb166caf7e/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/42ch7ol4g0tf/4u15hGUllIkmolE5Ui3HMl/af0f8f8e8f8cbcf7411615eb166caf7e/home_know_how_DE.jpg.png?fm=webp&q=60&w=1000
Requested by
Host: www.gs.de
URL: https://www.gs.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-34.dus51.r.cloudfront.net
Software
Contentful Images API /
Resource Hash
fdd3c686fd9b102c5f0d46f3c31c9d93676b906613cf2f5e46f0cd765d2bd876

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gs.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:17:45 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
last-modified
Thu, 23 Sep 2021 07:02:19 GMT
server
Contentful Images API
age
10673
etag
"cc1e89098c3b68b1d95295684be2dd6f"
x-edge-origin-shield-skipped
0
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
content-length
21684
x-amz-cf-id
B6siX7epN8kz3ANexekWSA65ufuu7jGAQbwFpREaVmFqoZ32JlkCEg==
devices.jpg
images.ctfassets.net/42ch7ol4g0tf/5AgtHZdJjJi8pGKFRw1ooW/47d68167d8ad1efdb5434191ace0efd9/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/42ch7ol4g0tf/5AgtHZdJjJi8pGKFRw1ooW/47d68167d8ad1efdb5434191ace0efd9/devices.jpg?fm=webp&q=60&w=1000
Requested by
Host: www.gs.de
URL: https://www.gs.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-34.dus51.r.cloudfront.net
Software
Contentful Images API /
Resource Hash
5b00a9ed5234081e3c98b14ecb9877984f21e2e68f2c61c304241eda14be0a3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gs.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 06:23:30 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
last-modified
Thu, 23 Sep 2021 07:02:18 GMT
server
Contentful Images API
age
57128
etag
"20dd08053e5705a34007ee0227364647"
x-edge-origin-shield-skipped
0
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
content-length
14100
x-amz-cf-id
cxbLVHbiKAdGBsiV9kn3uzIe-JeIoH90f4PLaOqloAqf5lzk0oZGBA==
gold_tier_banner_bg2.png
images.ctfassets.net/42ch7ol4g0tf/pKAqCdRzEKyRft3Regbs6/597707d507ce72beee1d3cc669557fab/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/42ch7ol4g0tf/pKAqCdRzEKyRft3Regbs6/597707d507ce72beee1d3cc669557fab/gold_tier_banner_bg2.png?fm=webp&q=60&w=1024
Requested by
Host: www.gs.de
URL: https://www.gs.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-34.dus51.r.cloudfront.net
Software
Contentful Images API /
Resource Hash
2395d8ab14198a62ddfd56d3598c4ff524f4ab8eff9b2f48d63f83278490b0bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gs.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:29:10 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
last-modified
Fri, 17 Sep 2021 14:18:56 GMT
server
Contentful Images API
age
9988
etag
"e1148889ee046456a34bab2c776a7c07"
x-edge-origin-shield-skipped
0
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
content-length
9648
x-amz-cf-id
BqNs8f-vDngcPA0DzZnIiVMu3pTCeWgVq7w0fCgCsrDmqQPpH9YmfA==
Carbon-image-final3.png
images.ctfassets.net/42ch7ol4g0tf/4wXnZ8I17k3MHXNWAqcRqu/79d4b827072141e09ab032c4d2a48436/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/42ch7ol4g0tf/4wXnZ8I17k3MHXNWAqcRqu/79d4b827072141e09ab032c4d2a48436/Carbon-image-final3.png?fm=webp&q=60&w=1024
Requested by
Host: www.gs.de
URL: https://www.gs.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-34.dus51.r.cloudfront.net
Software
Contentful Images API /
Resource Hash
e22fe6defdc54f1bc1156e7a5637a1ae9cd44bf8657e87181feb2e772b5e3e6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gs.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 06:50:22 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
last-modified
Thu, 16 Sep 2021 06:49:14 GMT
server
Contentful Images API
age
55516
etag
"d100b920ee84640f234f0d08985e821c"
x-edge-origin-shield-skipped
0
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
content-length
35018
x-amz-cf-id
hlMhsrsZ0BRtP_f4hycb7MYSi7_ROFFzQp1ABcrGYptJZKTgRLKxRg==
copper-final.png
images.ctfassets.net/42ch7ol4g0tf/3s1dZmws4l2FeRGLGglwFt/c0b4cec6d397aaa3c463cd1aeda77833/ 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/42ch7ol4g0tf/3s1dZmws4l2FeRGLGglwFt/c0b4cec6d397aaa3c463cd1aeda77833/copper-final.png?fm=webp&q=60&w=1024
Requested by
Host: www.gs.de
URL: https://www.gs.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-34.dus51.r.cloudfront.net
Software
Contentful Images API /
Resource Hash
22399fd1c0c9214f8a2c1b8b39238c577b16fa69e82bd9af21604d547fe102b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gs.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 06:23:30 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
last-modified
Mon, 20 Sep 2021 07:49:12 GMT
server
Contentful Images API
age
57128
etag
"503fe0f1497e809d3dc1474d66c34575"
x-edge-origin-shield-skipped
0
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
content-length
156402
x-amz-cf-id
7pWjDR25eMc-0BA1Rh9Xmliszz4niz3qfApxnP_-OGq1tGtV16At3Q==
background.jpg
images.ctfassets.net/42ch7ol4g0tf/123DXwWlE6rgYUIfyqLIUf/35b943585f62c4ea6e897e3260d63b48/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/42ch7ol4g0tf/123DXwWlE6rgYUIfyqLIUf/35b943585f62c4ea6e897e3260d63b48/background.jpg?fm=webp&q=60&w=1024
Requested by
Host: www.gs.de
URL: https://www.gs.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-34.dus51.r.cloudfront.net
Software
Contentful Images API /
Resource Hash
a4558190a7879c7c061b3a7e87a57b89e4c296108b907ef12698c1df49812406

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gs.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 06:47:51 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
last-modified
Mon, 30 Aug 2021 19:15:16 GMT
server
Contentful Images API
age
55667
etag
"d9788732cd527bf735617f6e92f275f2"
x-edge-origin-shield-skipped
0
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
content-length
7204
x-amz-cf-id
og43Ac2yYs4HhtSbvyTfz4zlg3WNC4ujb-EJ2YrRttkciN07Ydk4EQ==
publico-bold.woff
www.gs.de/ 		58 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gs.de/publico-bold.woff
Requested by
Host: www.gs.de
URL: https://www.gs.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.138.11 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-138-11.deploy.static.akamaitechnologies.com
Software
WebServer /
Resource Hash
11e5f9e99082b93ae0ca52e22f3c6420eb2fcd16b864bc1d6fdff4875615f994
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.gs.de
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
t=5Ese9LoGH8qZDfT8WSUXYH7blY3mIhGulVvAX9PEYPkp5zQyquWRc3cq54HcF7awTgpuS9dP9FzvkKhLJNxjkumK4ML4IS1PK6l3iRC1WzUtQC9vFQlYwSjDWTGWRvnsTrho; user-id=7d4edfdb-2016-4216-9c6d-ea1c9d7b4a55; anon=true; ak_bmsc=1D0D785CF5DB4A3A3129B616CC80DFB5~000000000000000000000000000000~YAAQB4oUArD1OZ56AQAA66OgMw0qqeZiY4plPo/ZvJucxQIYvhnSeOhu4bxc9pXVw7nchYFsPv0EWIvjfF3DsUOd1fN/mdsOBQThSbrAW3gdYM/FMUacKm6prfZfn6/90jhTGhyAWUIIxWexSs9Yzr2pm/xB+ROVZGPBX4lW9jkOtKxFGcl0YziAq4iP1yGWvej1sjK+jC30qblXtAzq2Ds+6w3PhaflS6y5kY1rPjTa39Xo8AsV+hnsXcIp3fQvJfj2L0zXsJilgEOOEFKhbPV2Wp/YZ8F53XEWcW0elSB0L0abVimn3GuYnKjQsraG/rXWr7KneCJmsojLrLCSx11x/NqG7YINOX3pgTBLvLwr3N/w5CG8qzhnGb678/3HjKlm5ucyT1o=
:path
/publico-bold.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.gs.de
referer
https://www.gs.de/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gs.de/
Origin
https://www.gs.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
x-content-type-options
nosniff
gs_us_user
false
surrogate-control
no-store
x-dns-prefetch-control
off
vary
Origin
content-length
59750
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 13 Sep 2021 12:25:14 GMT
server
WebServer
x-frame-options
DENY
date
Wed, 29 Sep 2021 22:15:38 GMT
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff
access-control-allow-origin
https://www.gs.de
cache-control
max-age=0, no-cache, no-store
etag
"e966-5cbdf8e979e80"
accept-ranges
bytes
expires
Wed, 29 Sep 2021 22:15:38 GMT
roboto-regular.ttf
www.gs.de/ 		168 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gs.de/roboto-regular.ttf
Requested by
Host: www.gs.de
URL: https://www.gs.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.138.11 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-138-11.deploy.static.akamaitechnologies.com
Software
WebServer /
Resource Hash
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.gs.de
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
t=5Ese9LoGH8qZDfT8WSUXYH7blY3mIhGulVvAX9PEYPkp5zQyquWRc3cq54HcF7awTgpuS9dP9FzvkKhLJNxjkumK4ML4IS1PK6l3iRC1WzUtQC9vFQlYwSjDWTGWRvnsTrho; user-id=7d4edfdb-2016-4216-9c6d-ea1c9d7b4a55; anon=true; ak_bmsc=1D0D785CF5DB4A3A3129B616CC80DFB5~000000000000000000000000000000~YAAQB4oUArD1OZ56AQAA66OgMw0qqeZiY4plPo/ZvJucxQIYvhnSeOhu4bxc9pXVw7nchYFsPv0EWIvjfF3DsUOd1fN/mdsOBQThSbrAW3gdYM/FMUacKm6prfZfn6/90jhTGhyAWUIIxWexSs9Yzr2pm/xB+ROVZGPBX4lW9jkOtKxFGcl0YziAq4iP1yGWvej1sjK+jC30qblXtAzq2Ds+6w3PhaflS6y5kY1rPjTa39Xo8AsV+hnsXcIp3fQvJfj2L0zXsJilgEOOEFKhbPV2Wp/YZ8F53XEWcW0elSB0L0abVimn3GuYnKjQsraG/rXWr7KneCJmsojLrLCSx11x/NqG7YINOX3pgTBLvLwr3N/w5CG8qzhnGb678/3HjKlm5ucyT1o=
:path
/roboto-regular.ttf
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.gs.de
referer
https://www.gs.de/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gs.de/
Origin
https://www.gs.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
gs_us_user
false
surrogate-control
no-store
x-dns-prefetch-control
off
vary
Accept-encoding
content-length
90049
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 13 Sep 2021 12:25:14 GMT
server
WebServer
x-frame-options
DENY
date
Wed, 29 Sep 2021 22:15:38 GMT
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/ttf
access-control-allow-origin
https://www.gs.de
cache-control
max-age=0, no-cache, no-store
etag
"15fc1-5cbdf8e979e80"
accept-ranges
bytes
expires
Wed, 29 Sep 2021 22:15:38 GMT
roboto-medium.ttf
www.gs.de/ 		168 KB
90 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gs.de/roboto-medium.ttf
Requested by
Host: www.gs.de
URL: https://www.gs.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.138.11 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-138-11.deploy.static.akamaitechnologies.com
Software
WebServer /
Resource Hash
f205cc511821ea56078a105557fcea6253129404d411c997e1866fbd006abb68
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.gs.de
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
t=5Ese9LoGH8qZDfT8WSUXYH7blY3mIhGulVvAX9PEYPkp5zQyquWRc3cq54HcF7awTgpuS9dP9FzvkKhLJNxjkumK4ML4IS1PK6l3iRC1WzUtQC9vFQlYwSjDWTGWRvnsTrho; user-id=7d4edfdb-2016-4216-9c6d-ea1c9d7b4a55; anon=true; ak_bmsc=1D0D785CF5DB4A3A3129B616CC80DFB5~000000000000000000000000000000~YAAQB4oUArD1OZ56AQAA66OgMw0qqeZiY4plPo/ZvJucxQIYvhnSeOhu4bxc9pXVw7nchYFsPv0EWIvjfF3DsUOd1fN/mdsOBQThSbrAW3gdYM/FMUacKm6prfZfn6/90jhTGhyAWUIIxWexSs9Yzr2pm/xB+ROVZGPBX4lW9jkOtKxFGcl0YziAq4iP1yGWvej1sjK+jC30qblXtAzq2Ds+6w3PhaflS6y5kY1rPjTa39Xo8AsV+hnsXcIp3fQvJfj2L0zXsJilgEOOEFKhbPV2Wp/YZ8F53XEWcW0elSB0L0abVimn3GuYnKjQsraG/rXWr7KneCJmsojLrLCSx11x/NqG7YINOX3pgTBLvLwr3N/w5CG8qzhnGb678/3HjKlm5ucyT1o=
:path
/roboto-medium.ttf
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.gs.de
referer
https://www.gs.de/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gs.de/
Origin
https://www.gs.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
gs_us_user
false
surrogate-control
no-store
x-dns-prefetch-control
off
vary
Accept-encoding
content-length
90803
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 13 Sep 2021 12:25:14 GMT
server
WebServer
x-frame-options
DENY
date
Wed, 29 Sep 2021 22:15:38 GMT
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/ttf
access-control-allow-origin
https://www.gs.de
cache-control
max-age=0, no-cache, no-store
etag
"162b3-5cbdf8e979e80"
accept-ranges
bytes
expires
Wed, 29 Sep 2021 22:15:38 GMT
main.js
www.gs.de/ 		2 MB
563 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gs.de/main.js?v=0.8.10.9
Requested by
Host: www.gs.de
URL: https://www.gs.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.138.11 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-138-11.deploy.static.akamaitechnologies.com
Software
WebServer /
Resource Hash
b583ab2eb60a4f14272d1746f3c8b054f670e390c666f311139faed49167ccfe
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/main.js?v=0.8.10.9
pragma
no-cache
cookie
t=5Ese9LoGH8qZDfT8WSUXYH7blY3mIhGulVvAX9PEYPkp5zQyquWRc3cq54HcF7awTgpuS9dP9FzvkKhLJNxjkumK4ML4IS1PK6l3iRC1WzUtQC9vFQlYwSjDWTGWRvnsTrho; user-id=7d4edfdb-2016-4216-9c6d-ea1c9d7b4a55; anon=true; ak_bmsc=1D0D785CF5DB4A3A3129B616CC80DFB5~000000000000000000000000000000~YAAQB4oUArD1OZ56AQAA66OgMw0qqeZiY4plPo/ZvJucxQIYvhnSeOhu4bxc9pXVw7nchYFsPv0EWIvjfF3DsUOd1fN/mdsOBQThSbrAW3gdYM/FMUacKm6prfZfn6/90jhTGhyAWUIIxWexSs9Yzr2pm/xB+ROVZGPBX4lW9jkOtKxFGcl0YziAq4iP1yGWvej1sjK+jC30qblXtAzq2Ds+6w3PhaflS6y5kY1rPjTa39Xo8AsV+hnsXcIp3fQvJfj2L0zXsJilgEOOEFKhbPV2Wp/YZ8F53XEWcW0elSB0L0abVimn3GuYnKjQsraG/rXWr7KneCJmsojLrLCSx11x/NqG7YINOX3pgTBLvLwr3N/w5CG8qzhnGb678/3HjKlm5ucyT1o=
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gs.de
referer
https://www.gs.de/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gs.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
gs_us_user
false
surrogate-control
no-store
x-dns-prefetch-control
off
vary
Accept-encoding
content-length
573580
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 13 Sep 2021 12:25:14 GMT
server
WebServer
x-frame-options
DENY
date
Wed, 29 Sep 2021 22:15:38 GMT
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
https://www.gsmarkets.be https://www.gsmarkets.nl https://www.gsmarkets.at https://www.gsmarkets.de https://flatex.gsmarkets.de https://flatex.gsmarkets.at https://www.gs.de https://beta.gsmarkets.nl https://beta.gsmarkets.de https://www.gsmarkets.fr https://www.goldmansachs.com.tr
cache-control
max-age=0, no-cache, no-store
etag
"8c08c-5cbdf8e979e80"
accept-ranges
bytes
expires
Wed, 29 Sep 2021 22:15:38 GMT
publico-bold.woff
www.gs.de/ 		58 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gs.de/publico-bold.woff
Requested by
Host: www.gs.de
URL: https://www.gs.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.138.11 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-138-11.deploy.static.akamaitechnologies.com
Software
WebServer /
Resource Hash
11e5f9e99082b93ae0ca52e22f3c6420eb2fcd16b864bc1d6fdff4875615f994
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.gs.de
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
t=5Ese9LoGH8qZDfT8WSUXYH7blY3mIhGulVvAX9PEYPkp5zQyquWRc3cq54HcF7awTgpuS9dP9FzvkKhLJNxjkumK4ML4IS1PK6l3iRC1WzUtQC9vFQlYwSjDWTGWRvnsTrho; user-id=7d4edfdb-2016-4216-9c6d-ea1c9d7b4a55; anon=true; ak_bmsc=1D0D785CF5DB4A3A3129B616CC80DFB5~000000000000000000000000000000~YAAQB4oUArD1OZ56AQAA66OgMw0qqeZiY4plPo/ZvJucxQIYvhnSeOhu4bxc9pXVw7nchYFsPv0EWIvjfF3DsUOd1fN/mdsOBQThSbrAW3gdYM/FMUacKm6prfZfn6/90jhTGhyAWUIIxWexSs9Yzr2pm/xB+ROVZGPBX4lW9jkOtKxFGcl0YziAq4iP1yGWvej1sjK+jC30qblXtAzq2Ds+6w3PhaflS6y5kY1rPjTa39Xo8AsV+hnsXcIp3fQvJfj2L0zXsJilgEOOEFKhbPV2Wp/YZ8F53XEWcW0elSB0L0abVimn3GuYnKjQsraG/rXWr7KneCJmsojLrLCSx11x/NqG7YINOX3pgTBLvLwr3N/w5CG8qzhnGb678/3HjKlm5ucyT1o=; bm_sv=AD11328754DF039E2D9369772A3A6206~GA75BBSO/yg20gI1jVvIz2DNjWPi9Agj7/btOaiwxQQa3i1q6n6OKg+9/D0sdRQbVlrOBJrHEAa1dMuJx56gpYJzlJHR6fwOfLDn5KOQ9d6o0jCGBJspZ/Q7suhhuuOgCkLC08i31uP3ao4UOqSbg9SFZFIYS40u7fcDbJXaBcQ=; lang=de-DE
:path
/publico-bold.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.gs.de
referer
https://www.gs.de/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gs.de/
Origin
https://www.gs.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
x-content-type-options
nosniff
gs_us_user
false
surrogate-control
no-store
x-dns-prefetch-control
off
vary
Origin
content-length
59750
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 13 Sep 2021 12:25:14 GMT
server
WebServer
x-frame-options
DENY
date
Wed, 29 Sep 2021 22:15:39 GMT
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff
access-control-allow-origin
https://www.gs.de
cache-control
max-age=0, no-cache, no-store
etag
"e966-5cbdf8e979e80"
accept-ranges
bytes
expires
Wed, 29 Sep 2021 22:15:39 GMT
roboto-regular.ttf
www.gs.de/ 		168 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gs.de/roboto-regular.ttf
Requested by
Host: www.gs.de
URL: https://www.gs.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.138.11 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-138-11.deploy.static.akamaitechnologies.com
Software
WebServer /
Resource Hash
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.gs.de
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
t=5Ese9LoGH8qZDfT8WSUXYH7blY3mIhGulVvAX9PEYPkp5zQyquWRc3cq54HcF7awTgpuS9dP9FzvkKhLJNxjkumK4ML4IS1PK6l3iRC1WzUtQC9vFQlYwSjDWTGWRvnsTrho; user-id=7d4edfdb-2016-4216-9c6d-ea1c9d7b4a55; anon=true; ak_bmsc=1D0D785CF5DB4A3A3129B616CC80DFB5~000000000000000000000000000000~YAAQB4oUArD1OZ56AQAA66OgMw0qqeZiY4plPo/ZvJucxQIYvhnSeOhu4bxc9pXVw7nchYFsPv0EWIvjfF3DsUOd1fN/mdsOBQThSbrAW3gdYM/FMUacKm6prfZfn6/90jhTGhyAWUIIxWexSs9Yzr2pm/xB+ROVZGPBX4lW9jkOtKxFGcl0YziAq4iP1yGWvej1sjK+jC30qblXtAzq2Ds+6w3PhaflS6y5kY1rPjTa39Xo8AsV+hnsXcIp3fQvJfj2L0zXsJilgEOOEFKhbPV2Wp/YZ8F53XEWcW0elSB0L0abVimn3GuYnKjQsraG/rXWr7KneCJmsojLrLCSx11x/NqG7YINOX3pgTBLvLwr3N/w5CG8qzhnGb678/3HjKlm5ucyT1o=; bm_sv=AD11328754DF039E2D9369772A3A6206~GA75BBSO/yg20gI1jVvIz2DNjWPi9Agj7/btOaiwxQQa3i1q6n6OKg+9/D0sdRQbVlrOBJrHEAa1dMuJx56gpYJzlJHR6fwOfLDn5KOQ9d6o0jCGBJspZ/Q7suhhuuOgCkLC08i31uP3ao4UOqSbg9SFZFIYS40u7fcDbJXaBcQ=; lang=de-DE
:path
/roboto-regular.ttf
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.gs.de
referer
https://www.gs.de/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gs.de/
Origin
https://www.gs.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
gs_us_user
false
surrogate-control
no-store
x-dns-prefetch-control
off
vary
Accept-encoding
content-length
90049
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 13 Sep 2021 12:25:14 GMT
server
WebServer
x-frame-options
DENY
date
Wed, 29 Sep 2021 22:15:38 GMT
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/ttf
access-control-allow-origin
https://www.gs.de
cache-control
max-age=0, no-cache, no-store
etag
"15fc1-5cbdf8e979e80"
accept-ranges
bytes
expires
Wed, 29 Sep 2021 22:15:38 GMT
roboto-medium.ttf
www.gs.de/ 		168 KB
90 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gs.de/roboto-medium.ttf
Requested by
Host: www.gs.de
URL: https://www.gs.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.138.11 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-138-11.deploy.static.akamaitechnologies.com
Software
WebServer /
Resource Hash
f205cc511821ea56078a105557fcea6253129404d411c997e1866fbd006abb68
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.gs.de
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
t=5Ese9LoGH8qZDfT8WSUXYH7blY3mIhGulVvAX9PEYPkp5zQyquWRc3cq54HcF7awTgpuS9dP9FzvkKhLJNxjkumK4ML4IS1PK6l3iRC1WzUtQC9vFQlYwSjDWTGWRvnsTrho; user-id=7d4edfdb-2016-4216-9c6d-ea1c9d7b4a55; anon=true; ak_bmsc=1D0D785CF5DB4A3A3129B616CC80DFB5~000000000000000000000000000000~YAAQB4oUArD1OZ56AQAA66OgMw0qqeZiY4plPo/ZvJucxQIYvhnSeOhu4bxc9pXVw7nchYFsPv0EWIvjfF3DsUOd1fN/mdsOBQThSbrAW3gdYM/FMUacKm6prfZfn6/90jhTGhyAWUIIxWexSs9Yzr2pm/xB+ROVZGPBX4lW9jkOtKxFGcl0YziAq4iP1yGWvej1sjK+jC30qblXtAzq2Ds+6w3PhaflS6y5kY1rPjTa39Xo8AsV+hnsXcIp3fQvJfj2L0zXsJilgEOOEFKhbPV2Wp/YZ8F53XEWcW0elSB0L0abVimn3GuYnKjQsraG/rXWr7KneCJmsojLrLCSx11x/NqG7YINOX3pgTBLvLwr3N/w5CG8qzhnGb678/3HjKlm5ucyT1o=; bm_sv=AD11328754DF039E2D9369772A3A6206~GA75BBSO/yg20gI1jVvIz2DNjWPi9Agj7/btOaiwxQQa3i1q6n6OKg+9/D0sdRQbVlrOBJrHEAa1dMuJx56gpYJzlJHR6fwOfLDn5KOQ9d6o0jCGBJspZ/Q7suhhuuOgCkLC08i31uP3ao4UOqSbg9SFZFIYS40u7fcDbJXaBcQ=; lang=de-DE
:path
/roboto-medium.ttf
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.gs.de
referer
https://www.gs.de/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gs.de/
Origin
https://www.gs.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
gs_us_user
false
surrogate-control
no-store
x-dns-prefetch-control
off
vary
Accept-encoding
content-length
90803
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 13 Sep 2021 12:25:14 GMT
server
WebServer
x-frame-options
DENY
date
Wed, 29 Sep 2021 22:15:38 GMT
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/ttf
access-control-allow-origin
https://www.gs.de
cache-control
max-age=0, no-cache, no-store
etag
"162b3-5cbdf8e979e80"
accept-ranges
bytes
expires
Wed, 29 Sep 2021 22:15:38 GMT
roboto-italic.ttf
www.gs.de/ 		170 KB
95 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gs.de/roboto-italic.ttf
Requested by
Host: www.gs.de
URL: https://www.gs.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.138.11 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-138-11.deploy.static.akamaitechnologies.com
Software
WebServer /
Resource Hash
5fce8b6f8ba9f4d19f0d535e241d56a2b8e72bb07e7df711d968d092ef7f9fca
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.gs.de
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
t=5Ese9LoGH8qZDfT8WSUXYH7blY3mIhGulVvAX9PEYPkp5zQyquWRc3cq54HcF7awTgpuS9dP9FzvkKhLJNxjkumK4ML4IS1PK6l3iRC1WzUtQC9vFQlYwSjDWTGWRvnsTrho; user-id=7d4edfdb-2016-4216-9c6d-ea1c9d7b4a55; anon=true; ak_bmsc=1D0D785CF5DB4A3A3129B616CC80DFB5~000000000000000000000000000000~YAAQB4oUArD1OZ56AQAA66OgMw0qqeZiY4plPo/ZvJucxQIYvhnSeOhu4bxc9pXVw7nchYFsPv0EWIvjfF3DsUOd1fN/mdsOBQThSbrAW3gdYM/FMUacKm6prfZfn6/90jhTGhyAWUIIxWexSs9Yzr2pm/xB+ROVZGPBX4lW9jkOtKxFGcl0YziAq4iP1yGWvej1sjK+jC30qblXtAzq2Ds+6w3PhaflS6y5kY1rPjTa39Xo8AsV+hnsXcIp3fQvJfj2L0zXsJilgEOOEFKhbPV2Wp/YZ8F53XEWcW0elSB0L0abVimn3GuYnKjQsraG/rXWr7KneCJmsojLrLCSx11x/NqG7YINOX3pgTBLvLwr3N/w5CG8qzhnGb678/3HjKlm5ucyT1o=; bm_sv=AD11328754DF039E2D9369772A3A6206~GA75BBSO/yg20gI1jVvIz2DNjWPi9Agj7/btOaiwxQQa3i1q6n6OKg+9/D0sdRQbVlrOBJrHEAa1dMuJx56gpYJzlJHR6fwOfLDn5KOQ9d6o0jCGBJspZ/Q7suhhuuOgCkLC08i31uP3ao4UOqSbg9SFZFIYS40u7fcDbJXaBcQ=; lang=de-DE
:path
/roboto-italic.ttf
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.gs.de
referer
https://www.gs.de/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gs.de/
Origin
https://www.gs.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
gs_us_user
false
surrogate-control
no-store
x-dns-prefetch-control
off
vary
Accept-encoding
content-length
95752
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 13 Sep 2021 12:25:14 GMT
server
WebServer
x-frame-options
DENY
date
Wed, 29 Sep 2021 22:15:39 GMT
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/ttf
access-control-allow-origin
https://www.gsmarkets.be https://www.gsmarkets.nl https://www.gsmarkets.at https://www.gsmarkets.de https://flatex.gsmarkets.de https://flatex.gsmarkets.at https://www.gs.de https://beta.gsmarkets.nl https://beta.gsmarkets.de https://www.gsmarkets.fr https://www.goldmansachs.com.tr
cache-control
max-age=0, no-cache, no-store
etag
"17608-5cbdf8e979e80"
accept-ranges
bytes
expires
Wed, 29 Sep 2021 22:15:39 GMT
graphql
www.gs.de/ 		107 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.gs.de/graphql
Requested by
Host: www.gs.de
URL: https://www.gs.de/main.js?v=0.8.10.9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.138.11 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-138-11.deploy.static.akamaitechnologies.com
Software
WebServer /
Resource Hash
8f1cb1eee001525bc06caa2c0d63d39777ee23d1b3de1bf6dc8d4b4088476c43
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src 'self' *.qualtrics.com; script-src 'self' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://siteintercept.qualtrics.com https://*.siteintercept.qualtrics.com; img-src 'self' images.ctfassets.net *.siteintercept.qualtrics.com; style-src 'self' ; font-src 'self'; connect-src 'self' https://*.akamaihd.net https://images.ctfassets.net https://siteintercept.qualtrics.com https://*.siteintercept.qualtrics.com wss://www.gs.de; manifest-src 'self'; report-uri /api/8/security/?sentry_key=45bef1e79c1e4d69b1a6531a757d0a7a; frame-ancestors https://www.flatex.de https://www.flatex.at
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.flatex.de
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.gs.de
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-locale
de-DE
sec-fetch-dest
empty
cookie
t=5Ese9LoGH8qZDfT8WSUXYH7blY3mIhGulVvAX9PEYPkp5zQyquWRc3cq54HcF7awTgpuS9dP9FzvkKhLJNxjkumK4ML4IS1PK6l3iRC1WzUtQC9vFQlYwSjDWTGWRvnsTrho; user-id=7d4edfdb-2016-4216-9c6d-ea1c9d7b4a55; anon=true; ak_bmsc=1D0D785CF5DB4A3A3129B616CC80DFB5~000000000000000000000000000000~YAAQB4oUArD1OZ56AQAA66OgMw0qqeZiY4plPo/ZvJucxQIYvhnSeOhu4bxc9pXVw7nchYFsPv0EWIvjfF3DsUOd1fN/mdsOBQThSbrAW3gdYM/FMUacKm6prfZfn6/90jhTGhyAWUIIxWexSs9Yzr2pm/xB+ROVZGPBX4lW9jkOtKxFGcl0YziAq4iP1yGWvej1sjK+jC30qblXtAzq2Ds+6w3PhaflS6y5kY1rPjTa39Xo8AsV+hnsXcIp3fQvJfj2L0zXsJilgEOOEFKhbPV2Wp/YZ8F53XEWcW0elSB0L0abVimn3GuYnKjQsraG/rXWr7KneCJmsojLrLCSx11x/NqG7YINOX3pgTBLvLwr3N/w5CG8qzhnGb678/3HjKlm5ucyT1o=; bm_sv=AD11328754DF039E2D9369772A3A6206~GA75BBSO/yg20gI1jVvIz2DNjWPi9Agj7/btOaiwxQQa3i1q6n6OKg+9/D0sdRQbVlrOBJrHEAa1dMuJx56gpYJzlJHR6fwOfLDn5KOQ9d6o0jCGBJspZ/Q7suhhuuOgCkLC08i31uP3ao4UOqSbg9SFZFIYS40u7fcDbJXaBcQ=; lang=de-DE
content-length
229
:path
/graphql
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
www.gs.de
referer
https://www.gs.de/
:scheme
https
sec-fetch-site
same-origin
:method
POST
accept
*/*
x-locale
de-DE
Referer
https://www.gs.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json

Response headers

content-security-policy
default-src 'none'; frame-src 'self' *.qualtrics.com; script-src 'self' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://siteintercept.qualtrics.com https://*.siteintercept.qualtrics.com; img-src 'self' images.ctfassets.net *.siteintercept.qualtrics.com; style-src 'self' ; font-src 'self'; connect-src 'self' https://*.akamaihd.net https://images.ctfassets.net https://siteintercept.qualtrics.com https://*.siteintercept.qualtrics.com wss://www.gs.de; manifest-src 'self'; report-uri /api/8/security/?sentry_key=45bef1e79c1e4d69b1a6531a757d0a7a; frame-ancestors https://www.flatex.de https://www.flatex.at
x-content-type-options
nosniff
gs_us_user
false
surrogate-control
no-store
x-dns-prefetch-control
off
vary
Origin
content-length
107
x-xss-protection
1; mode=block
pragma
no-cache
server
WebServer
x-frame-options
ALLOW-FROM https://www.flatex.de
date
Wed, 29 Sep 2021 22:15:39 GMT
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.gs.de
cache-control
max-age=0, no-cache, no-store
set-cookie
bm_sv=AD11328754DF039E2D9369772A3A6206~GA75BBSO/yg20gI1jVvIz2DNjWPi9Agj7/btOaiwxQQ1qjZV2L3lzkQ9UDAlC+7KkAW4elY6xXi+IlcLzxBuUqSwHQbbzhDVB7hM+nVf1zIVjMKhu70JhnNNYkcCjFD1LZWMYeiOEmHGYsJAffhAHFfzvRdDIfakY9HxiSP2tj0=; Domain=.www.gs.de; Path=/; Max-Age=7199; HttpOnly
expires
Wed, 29 Sep 2021 22:15:39 GMT
tp2
www.gs.de/snowplow/com.snowplowanalytics.snowplow/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gs.de/snowplow/com.snowplowanalytics.snowplow/tp2
Requested by
Host: www.gs.de
URL: https://www.gs.de/main.js?v=0.8.10.9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.138.11 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-138-11.deploy.static.akamaitechnologies.com
Software
WebServer /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.gs.de
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
t=5Ese9LoGH8qZDfT8WSUXYH7blY3mIhGulVvAX9PEYPkp5zQyquWRc3cq54HcF7awTgpuS9dP9FzvkKhLJNxjkumK4ML4IS1PK6l3iRC1WzUtQC9vFQlYwSjDWTGWRvnsTrho; user-id=7d4edfdb-2016-4216-9c6d-ea1c9d7b4a55; anon=true; ak_bmsc=1D0D785CF5DB4A3A3129B616CC80DFB5~000000000000000000000000000000~YAAQB4oUArD1OZ56AQAA66OgMw0qqeZiY4plPo/ZvJucxQIYvhnSeOhu4bxc9pXVw7nchYFsPv0EWIvjfF3DsUOd1fN/mdsOBQThSbrAW3gdYM/FMUacKm6prfZfn6/90jhTGhyAWUIIxWexSs9Yzr2pm/xB+ROVZGPBX4lW9jkOtKxFGcl0YziAq4iP1yGWvej1sjK+jC30qblXtAzq2Ds+6w3PhaflS6y5kY1rPjTa39Xo8AsV+hnsXcIp3fQvJfj2L0zXsJilgEOOEFKhbPV2Wp/YZ8F53XEWcW0elSB0L0abVimn3GuYnKjQsraG/rXWr7KneCJmsojLrLCSx11x/NqG7YINOX3pgTBLvLwr3N/w5CG8qzhnGb678/3HjKlm5ucyT1o=; bm_sv=AD11328754DF039E2D9369772A3A6206~GA75BBSO/yg20gI1jVvIz2DNjWPi9Agj7/btOaiwxQQa3i1q6n6OKg+9/D0sdRQbVlrOBJrHEAa1dMuJx56gpYJzlJHR6fwOfLDn5KOQ9d6o0jCGBJspZ/Q7suhhuuOgCkLC08i31uP3ao4UOqSbg9SFZFIYS40u7fcDbJXaBcQ=; lang=de-DE
content-length
2127
:path
/snowplow/com.snowplowanalytics.snowplow/tp2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
www.gs.de
referer
https://www.gs.de/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.gs.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

content-security-policy
default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
x-content-type-options
nosniff
gs_us_user
false
surrogate-control
no-store
x-dns-prefetch-control
off
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
vary
Origin
content-length
2
x-xss-protection
1; mode=block
pragma
no-cache
server
WebServer
x-frame-options
DENY
date
Wed, 29 Sep 2021 22:15:39 GMT
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gs.de
cache-control
max-age=0, no-cache, no-store
set-cookie
bm_sv=AD11328754DF039E2D9369772A3A6206~GA75BBSO/yg20gI1jVvIz2DNjWPi9Agj7/btOaiwxQQ1qjZV2L3lzkQ9UDAlC+7KkAW4elY6xXi+IlcLzxBuUqSwHQbbzhDVB7hM+nVf1zJyer/a5VJREduzH5jXTzsqS34hDNIpx5KXFIbvQiHwfFQZpSDZLij+gZcsjjIrQ8g=; Domain=.www.gs.de; Path=/; Max-Age=7199; HttpOnly
expires
Wed, 29 Sep 2021 22:15:39 GMT
tp2
www.gs.de/snowplow/com.snowplowanalytics.snowplow/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gs.de/snowplow/com.snowplowanalytics.snowplow/tp2
Requested by
Host: www.gs.de
URL: https://www.gs.de/main.js?v=0.8.10.9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.138.11 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-20-138-11.deploy.static.akamaitechnologies.com
Software
WebServer /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.gs.de
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
t=5Ese9LoGH8qZDfT8WSUXYH7blY3mIhGulVvAX9PEYPkp5zQyquWRc3cq54HcF7awTgpuS9dP9FzvkKhLJNxjkumK4ML4IS1PK6l3iRC1WzUtQC9vFQlYwSjDWTGWRvnsTrho; user-id=7d4edfdb-2016-4216-9c6d-ea1c9d7b4a55; anon=true; lang=de-DE; ak_bmsc=1D0D785CF5DB4A3A3129B616CC80DFB5~000000000000000000000000000000~YAAQB4oUAsz1OZ56AQAAFKmgMw0vgZ00c1iHfmkeZO+U+fS+T/HlxAdd1fhsuVDKeFtGYP5AmZvZZdFCF2Qo6SzEgRBO3r7VqbsRKHBazYhk/yvGXhQwY2CplRbDCiqRHMfmi+xFZkBJbIIW4swR2K0buosNv2cBfiXleKubvphd1s4zuqAxK4XgYXvgg52kx3DYvZ7A2R97bTLtb7lQm0WGopfxVZMKW6bAwm6FzU/fzorLZmSN6V/Ltos/ErxItyA7ICwDusOe+VYPU4FbLK6KSUVM6/liFMinKz3I/uZjxqlJvTQhfJ1oA3iZe5sSEjHj8Jgee6gvLlJ4hlEXjgep+Rz8u8ocIPpvAz52Xu9Jguc9jZxtkdY5JlrBu08PdauMkyzi8MgsjkqeXjnAuko8bQ==; bm_sv=AD11328754DF039E2D9369772A3A6206~GA75BBSO/yg20gI1jVvIz2DNjWPi9Agj7/btOaiwxQQ1qjZV2L3lzkQ9UDAlC+7KkAW4elY6xXi+IlcLzxBuUqSwHQbbzhDVB7hM+nVf1zJyer/a5VJREduzH5jXTzsqS34hDNIpx5KXFIbvQiHwfFQZpSDZLij+gZcsjjIrQ8g=
content-length
14137
:path
/snowplow/com.snowplowanalytics.snowplow/tp2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
www.gs.de
referer
https://www.gs.de/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.gs.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

content-security-policy
default-src 'none'; frame-src 'self' https://*.finapi.io; script-src 'self' 'nonce-aW5saW5lLXNjcmlwdHMtZm9yLWdz' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://*.finapi.io; img-src 'self' images.ctfassets.net https://*.finapi.io https://*.akamaihd.net; style-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; font-src 'self' 'nonce-aW5saW5lLXN0eWxlcy1mb3ItZ3M=' https://*.finapi.io https://*.akamaihd.net; connect-src 'self' https://*.akamaihd.net https://*.cloudflare.com https://images.ctfassets.net https://*.finapi.io wss://www.gsmarkets.be wss://www.gsmarkets.nl wss://www.gsmarkets.at wss://www.gsmarkets.de wss://flatex.gsmarkets.de wss://flatex.gsmarkets.at wss://www.gs.de wss://beta.gsmarkets.nl wss://beta.gsmarkets.de wss://www.gsmarkets.fr wss://www.goldmansachs.com.tr; manifest-src 'self'; worker-src 'self'
x-content-type-options
nosniff
gs_us_user
false
surrogate-control
no-store
x-dns-prefetch-control
off
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
vary
Origin
content-length
2
x-xss-protection
1; mode=block
pragma
no-cache
server
WebServer
x-frame-options
DENY
date
Wed, 29 Sep 2021 22:15:39 GMT
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gs.de
cache-control
max-age=0, no-cache, no-store
set-cookie
bm_sv=AD11328754DF039E2D9369772A3A6206~GA75BBSO/yg20gI1jVvIz2DNjWPi9Agj7/btOaiwxQQ1qjZV2L3lzkQ9UDAlC+7KkAW4elY6xXi+IlcLzxBuUqSwHQbbzhDVB7hM+nVf1zI1XK6TnY1PQwS3jE93N+fbwq0r5gC7RyW2+fGRirsGNNrFVB3mCaGQzG7oTy3EWCQ=; Domain=.www.gs.de; Path=/; Max-Age=7199; HttpOnly
expires
Wed, 29 Sep 2021 22:15:39 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| GlobalSnowplowNamespace function| snowplow object| __APOLLO_STATE__ object| __intl__ object| webpackChunkspace_pd_ui_poc object| __SENTRY__ object| core object| regeneratorRuntime object| Snowplow

6 Cookies

Domain/Path Name / Value
www.gs.de/ Name: t
Value: 5Ese9LoGH8qZDfT8WSUXYH7blY3mIhGulVvAX9PEYPkp5zQyquWRc3cq54HcF7awTgpuS9dP9FzvkKhLJNxjkumK4ML4IS1PK6l3iRC1WzUtQC9vFQlYwSjDWTGWRvnsTrho
www.gs.de/ Name: user-id
Value: 7d4edfdb-2016-4216-9c6d-ea1c9d7b4a55
www.gs.de/ Name: anon
Value: true
www.gs.de/ Name: lang
Value: de-DE
.www.gs.de/ Name: ak_bmsc
Value: 1D0D785CF5DB4A3A3129B616CC80DFB5~000000000000000000000000000000~YAAQB4oUAsz1OZ56AQAAFKmgMw0vgZ00c1iHfmkeZO+U+fS+T/HlxAdd1fhsuVDKeFtGYP5AmZvZZdFCF2Qo6SzEgRBO3r7VqbsRKHBazYhk/yvGXhQwY2CplRbDCiqRHMfmi+xFZkBJbIIW4swR2K0buosNv2cBfiXleKubvphd1s4zuqAxK4XgYXvgg52kx3DYvZ7A2R97bTLtb7lQm0WGopfxVZMKW6bAwm6FzU/fzorLZmSN6V/Ltos/ErxItyA7ICwDusOe+VYPU4FbLK6KSUVM6/liFMinKz3I/uZjxqlJvTQhfJ1oA3iZe5sSEjHj8Jgee6gvLlJ4hlEXjgep+Rz8u8ocIPpvAz52Xu9Jguc9jZxtkdY5JlrBu08PdauMkyzi8MgsjkqeXjnAuko8bQ==
.www.gs.de/ Name: bm_sv
Value: AD11328754DF039E2D9369772A3A6206~GA75BBSO/yg20gI1jVvIz2DNjWPi9Agj7/btOaiwxQQ1qjZV2L3lzkQ9UDAlC+7KkAW4elY6xXi+IlcLzxBuUqSwHQbbzhDVB7hM+nVf1zI1XK6TnY1PQwS3jE93N+fbwq0r5gC7RyW2+fGRirsGNNrFVB3mCaGQzG7oTy3EWCQ=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; frame-src 'self' *.qualtrics.com; script-src 'self' 'unsafe-inline' https://*.akamaihd.net https://www.googletagmanager.com https://www.google-analytics.com https://siteintercept.qualtrics.com https://*.siteintercept.qualtrics.com; img-src 'self' images.ctfassets.net *.siteintercept.qualtrics.com; style-src 'self' 'unsafe-inline'; font-src 'self'; connect-src 'self' https://*.akamaihd.net https://images.ctfassets.net https://siteintercept.qualtrics.com https://*.siteintercept.qualtrics.com wss://www.gs.de; manifest-src 'self'; report-uri /api/8/security/?sentry_key=45bef1e79c1e4d69b1a6531a757d0a7a; frame-ancestors https://www.flatex.de https://www.flatex.at
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.flatex.de
X-Xss-Protection 1; mode=block