setc.fintitan.com Open in urlscan Pro
52.17.119.105 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ffcraconsulting.com/
Effective URL:
https://setc.fintitan.com/?mbsy_source=f97fa0e6-8468-481e-a21e-8aae43c152f1&mbsy_exp=Sun%2C+24+Aug+2025+17%3A27%3A33+GMT&c...
Submission: On August 24 via api (August 24th 2024, 5:27:41 pm UTC) from US — Scanned from DE

Summary HTTP 80 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 30 IPs in 3 countries across 25 domains to perform 80 HTTP transactions. The main IP is 52.17.119.105, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is setc.fintitan.com.
TLS certificate: Issued by R10 on August 14th 2024. Valid for: 3 months.

This is the only time setc.fintitan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	198.185.159.145 198.185.159.145	53831 (SQUARESPACE) (SQUARESPACE)
1 1	2606:4700:20:... 2606:4700:20::681a:ca0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	44.196.228.151 44.196.228.151	14618 (AMAZON-AES) (AMAZON-AES)
1	52.17.119.105 52.17.119.105	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700:440... 2606:4700:4400::6812:22e3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
6	2606:4700:440... 2606:4700:4400::ac40:9572	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:f7cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:8e77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.232.47 52.222.232.47	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	3.165.190.90 3.165.190.90	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:275... 2600:9000:275d:d400:1b:e40d:4a00:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:50cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.147.249.115 54.147.249.115	14618 (AMAZON-AES) (AMAZON-AES)
17	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6813:afbc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:480... 2a02:26f0:480:15::213:7e60	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2.18.64.15 2.18.64.15	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.216.119.23 3.216.119.23	14618 (AMAZON-AES) (AMAZON-AES)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:bdf::44 2620:1ec:bdf::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:1f10:4c2... 2600:1f10:4c2d:4711:743:a128:990e:f0c3	14618 (AMAZON-AES) (AMAZON-AES)
8	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	20.57.85.160 20.57.85.160	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
80	30

1 198.185.159.145 (United States) 1 redirects

ASN53831 (SQUARESPACE, US)

ffcraconsulting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ca0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

share.ertc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.196.228.151 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-228-151.compute-1.amazonaws.com

blue.mbsy.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.119.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-119-105.eu-west-1.compute.amazonaws.com

setc.fintitan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::6812:22e3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.prod.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::ac40:9572 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.weglot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f7cb (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:8e77 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.232.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-47.fra56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.165.190.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-165-190-90.zrh55.r.cloudfront.net

js.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:275d:d400:1b:e40d:4a00:21 (United States)

ASN16509 (AMAZON-02, US)

d34r8q7sht0t9k.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:50cc (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.147.249.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-249-115.compute-1.amazonaws.com

ad.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:afbc (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:15::213:7e60 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.64.15 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-64-15.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.216.119.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-119-23.compute-1.amazonaws.com

ipv4.podscribe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f10:4c2d:4711:743:a128:990e:f0c3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

verifi.podscribe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.57.85.160 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	gstatic.com fonts.gstatic.com	404 KB
8	hubspot.com forms-na1.hubspot.com	3 KB
7	website-files.com cdn.prod.website-files.com — Cisco Umbrella Rank: 11800	213 KB
6	weglot.com cdn.weglot.com — Cisco Umbrella Rank: 20729	70 KB
5	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 1114 e.clarity.ms — Cisco Umbrella Rank: 18352	28 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 963	135 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669 px4.ads.linkedin.com — Cisco Umbrella Rank: 7330	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 534	16 KB
3	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 9382 forms-na1.hsforms.com — Cisco Umbrella Rank: 15115	5 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	304 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	podscribe.com ipv4.podscribe.com — Cisco Umbrella Rank: 15932 verifi.podscribe.com — Cisco Umbrella Rank: 12213	919 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	72 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
2	ipredictive.com js.ipredictive.com — Cisco Umbrella Rank: 15542 ad.ipredictive.com — Cisco Umbrella Rank: 11115	3 KB
2	cloudfront.net d3e54v103j8qbb.cloudfront.net d34r8q7sht0t9k.cloudfront.net	33 KB
2	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 14516	155 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 641 fonts.googleapis.com — Cisco Umbrella Rank: 110	8 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	14 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	12 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1314	8 KB
1	fintitan.com setc.fintitan.com	17 KB
1	mbsy.co 1 redirects blue.mbsy.co	790 B
1	ertc.com 1 redirects share.ertc.com	923 B
1	ffcraconsulting.com 1 redirects ffcraconsulting.com	164 B
80	25

	Domain	Requested by
17	fonts.gstatic.com	fonts.googleapis.com
8	forms-na1.hubspot.com	js.hsforms.net
7	cdn.prod.website-files.com	setc.fintitan.com
6	cdn.weglot.com	setc.fintitan.com cdn.weglot.com
5	analytics.tiktok.com	setc.fintitan.com analytics.tiktok.com
3	e.clarity.ms	www.clarity.ms
3	px.ads.linkedin.com	1 redirects snap.licdn.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com setc.fintitan.com
3	www.googletagmanager.com	setc.fintitan.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	www.facebook.com	setc.fintitan.com
2	connect.facebook.net	setc.fintitan.com connect.facebook.net
2	forms-na1.hsforms.com	setc.fintitan.com
2	region1.google-analytics.com	www.googletagmanager.com
2	js.hsforms.net	setc.fintitan.com js.hsforms.net
1	verifi.podscribe.com	setc.fintitan.com
1	px4.ads.linkedin.com	setc.fintitan.com
1	ipv4.podscribe.com	d34r8q7sht0t9k.cloudfront.net
1	snap.licdn.com	www.googletagmanager.com
1	ad.ipredictive.com	js.ipredictive.com
1	forms.hsforms.com	js.hsforms.net
1	d34r8q7sht0t9k.cloudfront.net	setc.fintitan.com
1	fonts.googleapis.com	ajax.googleapis.com
1	js.ipredictive.com	setc.fintitan.com
1	cdn.jsdelivr.net	setc.fintitan.com
1	d3e54v103j8qbb.cloudfront.net	setc.fintitan.com
1	unpkg.com	setc.fintitan.com
1	ajax.googleapis.com	setc.fintitan.com
1	setc.fintitan.com
1	blue.mbsy.co	1 redirects
1	share.ertc.com	1 redirects
1	ffcraconsulting.com	1 redirects
80	32

This site contains links to these domains. Also see Links.

Domain
ertc.ffcrarefund.com
portal.ffcrarefund.com
www.facebook.com
www.instagram.com
www.tiktok.com

Subject Issuer	Validity	Valid
setc.fintitan.com R10	`2024-08-14` - `2024-11-12`	3 months	crt.sh
prod.website-files.com WE1	`2024-08-23` - `2024-11-21`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cdn.weglot.com WE1	`2024-07-01` - `2024-09-29`	3 months	crt.sh
unpkg.com WE1	`2024-07-28` - `2024-10-26`	3 months	crt.sh
hsforms.net WE1	`2024-08-11` - `2024-11-09`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.ipredictive.com Amazon RSA 2048 M02	`2024-02-12` - `2025-03-11`	a year	crt.sh
hsforms.com WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-03` - `2024-09-01`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
ipv4.podscribe.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-27`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.podscribe.com Amazon RSA 2048 M02	`2024-05-26` - `2025-06-24`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://setc.fintitan.com/?mbsy_source=f97fa0e6-8468-481e-a21e-8aae43c152f1&mbsy_exp=Sun%2C+24+Aug+2025+17%3A27%3A33+GMT&campaignid=66917&mbsy=6FndJ3&ambassador_id=6FndJ3
Frame ID: 8D1FACCF1154748136A2059449735164
Requests: 71 HTTP requests in this frame

Frame: https://ad.ipredictive.com/d/track/event?upid=108224&cache_buster=1724520455&url=https%3A%2F%2Fsetc.fintitan.com%2F%3Fmbsy_source%3Df97fa0e6-8468-481e-a21e-8aae43c152f1%26mbsy_exp%3DSun%2C%2B24%2BAug%2B2025%2B17%3A27%3A33%2BGMT%26campaignid%3D66917%26mbsy%3D6FndJ3%26ambassador_id%3D6FndJ3&p1=%5BButton+Name%5D
Frame ID: 311619258C8500D1D91B2A96FFA1DADB
Requests: 1 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/embed/v2.js
Frame ID: A23FA1D3584179C3B0F6C85720A701C1
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Self-employed Tax Credits | FFCRA Tax Credits

Page URL History Show full URLs

https://ffcraconsulting.com/ HTTP 302
https://share.ertc.com/6FndJ3 HTTP 301
https://blue.mbsy.co/6FndJ3?mbsy_custom_host=share.ertc.com HTTP 301
https://setc.fintitan.com/?mbsy_source=f97fa0e6-8468-481e-a21e-8aae43c152f1&mbsy_exp=Sun%2C+24+Aug+202... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Weglot (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

cdn\.weglot\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

scrollreveal (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

scrollreveal(?:\.min)(?:\.js)

Page Statistics

80
Requests

99 %
HTTPS

69 %
IPv6

25
Domains

32
Subdomains

30
IPs

3
Countries

1508 kB
Transfer

4206 kB
Size

26
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://ertc.ffcrarefund.com/?partnerID=adesso
Title: Sign in

Search URL Search Domain Scan URL

URL: https://portal.ffcrarefund.com/pre-qualify/
Title: calculate your ffcra tax credit

Search URL Search Domain Scan URL

URL: https://www.facebook.com/profile.php?id=61552344171603

Search URL Search Domain Scan URL

URL: https://www.instagram.com/adessocapital/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@adessocapital

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ffcraconsulting.com/ HTTP 302
https://share.ertc.com/6FndJ3 HTTP 301
https://blue.mbsy.co/6FndJ3?mbsy_custom_host=share.ertc.com HTTP 301
https://setc.fintitan.com/?mbsy_source=f97fa0e6-8468-481e-a21e-8aae43c152f1&mbsy_exp=Sun%2C+24+Aug+2025+17%3A27%3A33+GMT&campaignid=66917&mbsy=6FndJ3&ambassador_id=6FndJ3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5459932&time=1724520455864&url=https%3A%2F%2Fsetc.fintitan.com%2F%3Fmbsy_source%3Df97fa0e6-8468-481e-a21e-8aae43c152f1%26mbsy_exp%3DSun%252C%2B24%2BAug%2B2025%2B17%253A27%253A33%2BGMT%26campaignid%3D66917%26mbsy%3D6FndJ3%26ambassador_id%3D6FndJ3&tm=gtmv2 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5459932&time=1724520455864&url=https%3A%2F%2Fsetc.fintitan.com%2F%3Fmbsy_source%3Df97fa0e6-8468-481e-a21e-8aae43c152f1%26mbsy_exp%3DSun%252C%2B24%2BAug%2B2025%2B17%253A27%253A33%2BGMT%26campaignid%3D66917%26mbsy%3D6FndJ3%26ambassador_id%3D6FndJ3&tm=gtmv2&e_ipv6=AQKht10p5AaE4QAAAZGFbd9jqX5-2WMR_3kTJ0vns1Cmn6iYUuqVZkkE6ELoihjYLgrWo6_GUGnxwQILiySJuM_NbHNTPQ

80 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
setc.fintitan.com/
Redirect Chain

https://ffcraconsulting.com/
https://share.ertc.com/6FndJ3
https://blue.mbsy.co/6FndJ3?mbsy_custom_host=share.ertc.com
https://setc.fintitan.com/?mbsy_source=f97fa0e6-8468-481e-a21e-8aae43c152f1&mbsy_exp=Sun%2C+24+Aug+2025+17%3A27%3A33+GMT&campaignid=66917&mbsy=6FndJ3&ambassador_id=6FndJ3

92 KB
17 KB

656ms
409ms

Document
text/html

52.17.119.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://setc.fintitan.com/?mbsy_source=f97fa0e6-8468-481e-a21e-8aae43c152f1&mbsy_exp=Sun%2C+24+Aug+2025+17%3A27%3A33+GMT&campaignid=66917&mbsy=6FndJ3&ambassador_id=6FndJ3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.17.119.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-119-105.eu-west-1.compute.amazonaws.com

Software

Resource Hash

60c203a33188941cc419c8cb1fcc8d3099a07806700e5a1fb9a3e120947ce761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 0
content-encoding: gzip
content-length: 17424
content-type: text/html
date: Sat, 24 Aug 2024 17:27:34 GMT
strict-transport-security: max-age=31536000
vary: x-wf-forwarded-proto, Accept-Encoding
x-cache: MISS
x-cache-hits: 0
x-cluster-name: eu-west-1-prod-hosting-red
x-lambda-id: f0548faf-24df-4261-b4f2-03c5dbfad8fe
x-served-by: cache-dub4335-DUB
x-timer: S1724520454.252240,VS0,VE362

Redirect headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-length: 0
content-security-policy: default-src 'self' *.getambassador.com 'unsafe-inline'
content-type: text/html; charset=UTF-8
date: Sat, 24 Aug 2024 17:27:33 GMT
location: https://setc.fintitan.com/?mbsy_source=f97fa0e6-8468-481e-a21e-8aae43c152f1&mbsy_exp=Sun%2C+24+Aug+2025+17%3A27%3A33+GMT&campaignid=66917&mbsy=6FndJ3&ambassador_id=6FndJ3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
referrer-policy: no-referrer
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none

GET
H3 200 fintitan.eea173ae2.css
cdn.prod.website-files.com/66b4a2e7bffba00df442b7e5/css/ 112 KB
21 KB 182ms
37ms Stylesheet
text/css 2606:4700:4400::6812:22e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/66b4a2e7bffba00df442b7e5/css/fintitan.eea173ae2.css
Requested by: Host: setc.fintitan.com
URL: https://setc.fintitan.com/?mbsy_source=f97fa0e6-8468-481e-a21e-8aae43c152f1&mbsy_exp=Sun%2C+24+Aug+2025+17%3A27%3A33+GMT&campaignid=66917&mbsy=6FndJ3&ambassador_id=6FndJ3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:22e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 432ff2201f19cc20b284d447d596d8b4a35835cdee2053e63c37ee41eb4d6e91

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:34 GMT
content-encoding: gzip
x-amz-version-id: bqbsIevzwPVZZ6lTXfDBjK93vrEsN_HX
cf-cache-status: HIT
x-amz-request-id: ZF4H8XXAY2G6H4AD
age: 845621
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 20924
x-amz-id-2: TNVwNSftYn0ekN6wIIbRC+gn6A77Niu94aOeAyRw4wKE7jygBTkT6a1r/R3UQCgzudMe4ixEEgiQoJmgrybgkR7eAaSGS4mx
last-modified: Wed, 14 Aug 2024 16:23:59 GMT
server: cloudflare
etag: "d67dcea94fff13c9785029193d8e7eaf"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8b850dcb0ccebbcb-FRA

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 173ms
27ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: setc.fintitan.com
URL: https://setc.fintitan.com/?mbsy_source=f97fa0e6-8468-481e-a21e-8aae43c152f1&mbsy_exp=Sun%2C+24+Aug+2025+17%3A27%3A33+GMT&campaignid=66917&mbsy=6FndJ3&ambassador_id=6FndJ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 12:27:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Aug 2025 12:27:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
102 KB 260ms
48ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F7LHNW6L5Y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c869c7509c16f3380eb2be6af25ab26b198dbc229daa3f1f3a6aa2d5ce061eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104422
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 24 Aug 2024 17:27:35 GMT

GET
H3 200 weglot.min.js Show response
cdn.weglot.com/ 133 KB
46 KB 146ms
65ms Script
application/javascript 2606:4700:4400::ac40:9572
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.weglot.com/weglot.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9572 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f70126889c376c3871cf9c8e4cc845462a5eae86398dd6834344ba90bff8448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:34 GMT
content-encoding: gzip
via: 1.1 90b31bff657d66dd87e437e4a49bf7a6.cloudfront.net (CloudFront)
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
age: 598
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 22 Aug 2024 12:45:47 GMT
server: cloudflare
etag: W/"76dd526e9cd1672538c2f101f710e642"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1800
cf-ray: 8b850dcaacf039e0-FRA
x-amz-cf-id: qTslejLsgjAyHeuf-eSOAryquCTt0kRB1UnoLux5MEmtFa4Zi7NEsQ==
expires: Sat, 24 Aug 2024 17:57:34 GMT

GET
H2 200 scrollreveal.min.js Show response
unpkg.com/scrollreveal@4.0.0/dist/ 16 KB
8 KB 179ms
33ms Script
application/javascript 2606:4700::6811:f7cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/scrollreveal@4.0.0/dist/scrollreveal.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9272231d83750052eb424ba589b26945e892c4a8541a1215521c74198b083e33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:34 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14162771
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRWM67GM75QDXV2CTXWFKX6R-fra
server: cloudflare
etag: "4009-olFGSVMkRiWLiX8td2OR9arAZMQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b850dcb0f9f90fa-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 327 KB
107 KB 255ms
48ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LQHXBMYWXW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e493cde6c7936671180ff967ed6bcd631ff4b82875d06e80b51ee7fea0dbd481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109649
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 24 Aug 2024 17:27:35 GMT

GET
H3 200 v2.js Show response
js.hsforms.net/forms/embed/ 483 KB
155 KB 176ms
37ms Script
application/javascript 2606:4700::6812:8e77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8e77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfdf1af1a230e3ee08968606c4322f5a9c51a5a6bf341687fedac60716c9ddab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: br
x-amz-request-id: 648ZJHH4SQ5JKNW8
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
age: 259
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5781/bundles/project-v2.js&cfRay=8b8507755aa63659-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"07033d485ccfcdda144e7a4173dbc0bc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5781/bundles/project-v2.js
date: Sat, 24 Aug 2024 17:27:34 GMT
x-amz-version-id: __TkXxzKt.v8sm6CVT1EUR2QdTtEmM_4
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-hubspot-correlation-id: 884bfe8e-56f2-4e55-bd89-7fe33dbea815
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cfoDgcgpK9AIOAHP1d1eOczXQVoQ7/svJVgMJpRJQ0FbFgxii+qAY9Mp+8lh7xo0XeA010K5gYc=
x-request-id: 884bfe8e-56f2-4e55-bd89-7fe33dbea815
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 07 Aug 2024 13:25:19 UTC
server: cloudflare
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=csdh%2FFOI65AeGb%2BNv82McsMObEcKaGtQ4TMqZbyvYMeHECX2NB17xeWFOW3dm28yw7b60rrqykim0bxBgMhWuhxNoEDlBPiKkMVbLXQjS%2FGE85alm7mMEeMs2TwGD3rM2cHslb3Ft%2FSJX3Lm"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-sffzl
cf-ray: 8b850dcaff289107-FRA

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
30 KB 166ms
24ms Script
application/javascript 52.222.232.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=66b4a2e7bffba00df442b7e5
Requested by: Host: setc.fintitan.com
URL: https://setc.fintitan.com/?mbsy_source=f97fa0e6-8468-481e-a21e-8aae43c152f1&mbsy_exp=Sun%2C+24+Aug+2025+17%3A27%3A33+GMT&campaignid=66917&mbsy=6FndJ3&ambassador_id=6FndJ3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-47.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://setc.fintitan.com/
Origin: https://setc.fintitan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 03:26:57 GMT
content-encoding: br
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
age: 50438
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: lINaR1YIkjRkvr_zUBhMT0RvLkfXYKEOUFTDwSaRWITLJx2R8Q1XeA==

GET
H3 200 fintitan.60eca88ad.js Show response
cdn.prod.website-files.com/66b4a2e7bffba00df442b7e5/js/ 175 KB
64 KB 180ms
47ms Script
text/javascript 2606:4700:4400::6812:22e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/66b4a2e7bffba00df442b7e5/js/fintitan.60eca88ad.js
Requested by: Host: setc.fintitan.com
URL: https://setc.fintitan.com/?mbsy_source=f97fa0e6-8468-481e-a21e-8aae43c152f1&mbsy_exp=Sun%2C+24+Aug+2025+17%3A27%3A33+GMT&campaignid=66917&mbsy=6FndJ3&ambassador_id=6FndJ3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:22e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bdc23f1bc704f76d0f61d227e8b2a17bdfd83454c13dfebe9d3b4cb2f05f8d4

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:34 GMT
content-encoding: gzip
x-amz-version-id: 7pEI4hbsHxHqM4YujL2wE_KnwT3cT0Vi
cf-cache-status: HIT
x-amz-request-id: ZARNEW6HV0WWW0MB
age: 267231
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 65318
x-amz-id-2: spPBwYpPtErF9HV0SIb4f+0OzjoBbwekYeGxumZLavUI4cYuBuicNygcfPxA5mhosTyzWVMb/KNRU3Yvmh4Bpyc8XBTnbr66/wolMxi/2gI=
last-modified: Wed, 21 Aug 2024 14:51:49 GMT
server: cloudflare
etag: "ffa04d0cfa8ca744a38d2ff6a8ccf438"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8b850dcb0cccbbcb-FRA

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
12 KB 162ms
20ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 24 Aug 2024 17:27:34 GMT
x-content-type-options: nosniff
content-encoding: br
age: 817778
x-jsd-version: 1.8.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11325
x-served-by: cache-fra-etou8220083-FRA
x-jsd-version-type: version
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 adelphic_universal_pixel.js Show response
js.ipredictive.com/ 3 KB
3 KB 168ms
27ms Script
application/javascript 3.165.190.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ipredictive.com/adelphic_universal_pixel.js
Requested by: Host: setc.fintitan.com
URL: https://setc.fintitan.com/?mbsy_source=f97fa0e6-8468-481e-a21e-8aae43c152f1&mbsy_exp=Sun%2C+24+Aug+2025+17%3A27%3A33+GMT&campaignid=66917&mbsy=6FndJ3&ambassador_id=6FndJ3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.165.190.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-165-190-90.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f2926504d61d971160c1b7a5891313062cd0cab673e787d51c3ecd58b6cfba8

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:10:52 GMT
via: 1.1 bc15df0ddd2cf5735a630c71c367efec.cloudfront.net (CloudFront)
last-modified: Thu, 08 Aug 2024 19:15:17 GMT
server: AmazonS3
x-amz-cf-pop: ZRH55-P2
age: 1019
x-amz-server-side-encryption: AES256
etag: "05cb9d98e5afdb7af23fad7b8e2eceb1"
vary: Origin
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2815
x-amz-cf-id: xToNFzQ3o5uyHudyHWlfS27I9a0UpE3YdmxYFTY5BgFK-aXVlDJ5OA==

GET
H2 200 css
fonts.googleapis.com/ 61 KB
2 KB 242ms
35ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:300,regular,500,700%7CInter:200,300,regular,500,600,700,800

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb86c1c96aabe40a23510dab283f2714743c8e38ad4f7c69fb10c5694e821788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 24 Aug 2024 17:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 24 Aug 2024 17:27:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Aug 2024 17:27:35 GMT

GET
H3 200 16a1784e40a0afdbb1929636736a07287.json Show response
cdn.weglot.com/projects-settings/ 2 KB
1 KB 81ms
58ms Fetch
application/json 2606:4700:4400::ac40:9572
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.weglot.com/projects-settings/16a1784e40a0afdbb1929636736a07287.json

Requested by

Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9572 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce546db09aaf64a40e42d90ac771f26b72d86f24bca661c516bfe4d4d1fcd296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:35 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 1150131
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 18 Jul 2024 15:38:12 GMT
server: cloudflare
etag: W/"275106257309b649da2c3d88a0d6511b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=60
cf-ray: 8b850dcbdb9f3a6d-FRA
x-amz-cf-id: cpOR0wGON-hq04O4qFIjpTXC0FkHFjsRF1bldGJK4qu1LjnkO0N0sQ==
expires: Sat, 24 Aug 2024 17:28:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 270 KB
94 KB 315ms
109ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M494K7N

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4714a6d5973c75f99807fe5b7b32f21730f298ddc6d57f723d9fce01e901e912

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96510
x-xss-protection: 0
last-modified: Sat, 24 Aug 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 24 Aug 2024 17:27:35 GMT

GET
H2 200 tag.js Show response
d34r8q7sht0t9k.cloudfront.net/ 3 KB
3 KB 610ms
402ms Script
text/javascript 2600:9000:275d:d400:1b:e40d:4a00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34r8q7sht0t9k.cloudfront.net/tag.js
Requested by: Host: setc.fintitan.com
URL: https://setc.fintitan.com/?mbsy_source=f97fa0e6-8468-481e-a21e-8aae43c152f1&mbsy_exp=Sun%2C+24+Aug+2025+17%3A27%3A33+GMT&campaignid=66917&mbsy=6FndJ3&ambassador_id=6FndJ3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:d400:1b:e40d:4a00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2fb3034df4b523a32a725cd3a9ffdc0cf73b22022e803505d9c38ab5ea769ca1

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:36 GMT
via: 1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
last-modified: Mon, 29 Jul 2024 09:18:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "d9b39803bd71d35a85827313c442c08d"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 2729
x-amz-cf-id: G4Csh6IX88JiKvw-YtXtjxL00-a_b8Hf208SMB0TBc2IbZXqYKsrPg==

GET
H3 200 66b4a4bce9a9f0ae68fc37a9_Asset%202%404x-p-500.png
cdn.prod.website-files.com/66b4a2e7bffba00df442b7e5/ 6 KB
6 KB 52ms
51ms Image
image/png 2606:4700:4400::6812:22e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/66b4a2e7bffba00df442b7e5/66b4a4bce9a9f0ae68fc37a9_Asset%202%404x-p-500.png
Requested by: Host: setc.fintitan.com
URL: https://setc.fintitan.com/?mbsy_source=f97fa0e6-8468-481e-a21e-8aae43c152f1&mbsy_exp=Sun%2C+24+Aug+2025+17%3A27%3A33+GMT&campaignid=66917&mbsy=6FndJ3&ambassador_id=6FndJ3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:22e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79cd7122dde927f16dfc9fa2d180a207c5cacf0eeca575f62cdac1961f65e33e

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:35 GMT
x-amz-version-id: 8WhP9jygR35UnDwtFtxxv2kbM2lJRrQ4
cf-cache-status: HIT
x-amz-request-id: QZ4MVNW61ACTKSCW
age: 845619
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 6127
x-amz-id-2: 3ykGxLPMBWzAftaM6MQNnjTPcwvnfmaXxG02Byosbiti8QmXkAYyNTL/k7ewl/Sy6WVHDsOy4jo6nw6+iQy3sszldzoma5UI
last-modified: Thu, 08 Aug 2024 10:58:06 GMT
server: cloudflare
etag: "b5e84cee040e8bde037e816fd8ef4e35"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 8b850dcbedefbbcb-FRA

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/21903561/648e4dfb-e82f-4b5d-9f76-048a39530b09/ 13 KB
4 KB 286ms
159ms XHR
application/json 2606:4700::6812:50cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/21903561/648e4dfb-e82f-4b5d-9f76-048a39530b09/json?hs_static_app=forms-embed&hs_static_app_version=1.5781&X-HubSpot-Static-App-Info=forms-embed-1.5781

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:50cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2414105eb80101109e80569aeabf0faec5ca37e57bf7cae5ddb7d337c3538ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-origin-hublet: na1
date: Sat, 24 Aug 2024 17:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 5d502166-e4df-490a-b6af-f096bad2b741
x-envoy-upstream-service-time: 15
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5d502166-e4df-490a-b6af-f096bad2b741
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://setc.fintitan.com
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8b850dcd0a52a01e-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-vls5k

GET
H3 200 66b4a2e7bffba00df442b83e_AdobeStock_164346878_1-p-800.jpg
cdn.prod.website-files.com/66b4a2e7bffba00df442b7e5/ 82 KB
82 KB 48ms
47ms Image
image/jpg 2606:4700:4400::6812:22e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/66b4a2e7bffba00df442b7e5/66b4a2e7bffba00df442b83e_AdobeStock_164346878_1-p-800.jpg
Requested by: Host: setc.fintitan.com
URL: https://setc.fintitan.com/?mbsy_source=f97fa0e6-8468-481e-a21e-8aae43c152f1&mbsy_exp=Sun%2C+24+Aug+2025+17%3A27%3A33+GMT&campaignid=66917&mbsy=6FndJ3&ambassador_id=6FndJ3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:22e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56d9cfdacfa806112cbcee726f204bcff890f3b3218d479d9a77072f1ca66e5e

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:35 GMT
x-amz-version-id: YW8Y.ONtc0kDCF8yKaLAJ.c1H_7i3RMJ
cf-cache-status: HIT
x-amz-request-id: 7E1H3QZHBFQMHFYZ
age: 270429
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 83575
x-amz-id-2: xrygPBFF1t2+oDqjHYO8xBKpykwVTR+x3F6vimOd8xvHNdcKgjhQkcro+/Y30TOe1CmkB0+njKq0mfaF736xlg==
cf-bgj: h2pri
last-modified: Thu, 08 Aug 2024 10:50:17 GMT
server: cloudflare
etag: "0a2afb26a6b59b173f321fb428898043"
vary: Accept-Encoding
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 8b850dcc6e6dbbcb-FRA

GET
H3 200 66b4a2e7bffba00df442b7fd_IRS%20Internal%20Revenue%20Service%201.svg
cdn.prod.website-files.com/66b4a2e7bffba00df442b7e5/ 8 KB
3 KB 63ms
63ms Image
image/svg+xml 2606:4700:4400::6812:22e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/66b4a2e7bffba00df442b7e5/66b4a2e7bffba00df442b7fd_IRS%20Internal%20Revenue%20Service%201.svg
Requested by: Host: setc.fintitan.com
URL: https://setc.fintitan.com/?mbsy_source=f97fa0e6-8468-481e-a21e-8aae43c152f1&mbsy_exp=Sun%2C+24+Aug+2025+17%3A27%3A33+GMT&campaignid=66917&mbsy=6FndJ3&ambassador_id=6FndJ3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:22e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af43312bae6285ed7a1da7aa13091a4223d7fe7d2f56ca7f2d8c9706b5730a34

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:35 GMT
x-amz-version-id: .50FjWdoTPgJ2gg9TBReEuH7iJEwPkwu
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 7E1P30HD9S76Y2RV
age: 839810
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ysNgWLCE+dVCAp80Rzrb6a5DYLMUmFSDH7JD7a+4rwziz2GEkM9BiwawvalZG3YYh7bozPbmZnM=
last-modified: Thu, 08 Aug 2024 10:50:16 GMT
server: cloudflare
etag: W/"9e11d213da47e6ffd34ef9ed09701695"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
cf-ray: 8b850dcc6e7abbcb-FRA

GET
H3 200 66b4a2e7bffba00df442b8e4_Illustration%252019-p-800.png
cdn.prod.website-files.com/66b4a2e7bffba00df442b7e5/ 34 KB
34 KB 38ms
38ms Image
image/png 2606:4700:4400::6812:22e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/66b4a2e7bffba00df442b7e5/66b4a2e7bffba00df442b8e4_Illustration%252019-p-800.png
Requested by: Host: setc.fintitan.com
URL: https://setc.fintitan.com/?mbsy_source=f97fa0e6-8468-481e-a21e-8aae43c152f1&mbsy_exp=Sun%2C+24+Aug+2025+17%3A27%3A33+GMT&campaignid=66917&mbsy=6FndJ3&ambassador_id=6FndJ3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:22e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae59fb5ab6d4813c590e022a7bcbfe88cd74c6dc0d89456e0faea78ad88c3dd

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:35 GMT
x-amz-version-id: rIcCE6Ux1SiICGvBPfTQfvQdgKPgnXBh
cf-cache-status: HIT
x-amz-request-id: 7E1M2KYA39D0PQ04
age: 80245
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 34634
x-amz-id-2: W543GxiODjcD7c6+uRNyjuH8lv25vKHyZqNIdNEgRIbz8GLQ8AWbgEgvsyeo/rvwnTJcAsKeQ0I=
last-modified: Thu, 08 Aug 2024 10:50:19 GMT
server: cloudflare
etag: "0c34af8aeacbadea27a30e6d408de353"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 8b850dcc6e7fbbcb-FRA

GET
H3 200 weglot.min.css
cdn.weglot.com/ 28 KB
5 KB 41ms
41ms Stylesheet
text/css 2606:4700:4400::ac40:9572
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.weglot.com/weglot.min.css?v=6

Requested by

Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9572 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35638404c448909f695c198049e27b151876151b68f65e4f8d183ede75150e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:35 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 3820884
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Jul 2024 13:58:55 GMT
server: cloudflare
etag: W/"dca11c08c28cf77d8aa88274c8e81c5f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b850dccafab39e0-FRA
x-amz-cf-id: AFEIzOMjIaGd4qcZd6eGONYUav1uJ4n2sNokbb1P_8fvkUId9CpyhA==
expires: Sun, 24 Aug 2025 17:27:35 GMT

GET
H3 200 gb.svg
cdn.weglot.com/flags/rectangle_mat/ 607 B
824 B 40ms
39ms Image
image/svg+xml 2606:4700:4400::ac40:9572
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.weglot.com/flags/rectangle_mat/gb.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9572 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

720d4a3364adb0f6dab95c8339fc8538a4388e302b8a8173d401e8471998ebf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:35 GMT
x-amz-version-id: null
via: 1.1 04e9e9d9b90b8bb096dac156f847c1a6.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: DUS51-P3
age: 14162786
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 16 Feb 2024 16:04:53 GMT
server: cloudflare
etag: W/"006007133f2f5769b083935b65c12e4e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b850dccdfee39e0-FRA
x-amz-cf-id: c14-dPtGRJug5FHGcVw-396hti5MFM-NFaaKh5cycisuBIxUbYQRqg==
expires: Sun, 24 Aug 2025 17:27:35 GMT

GET
H3 200 es.svg
cdn.weglot.com/flags/rectangle_mat/ 89 KB
17 KB 79ms
78ms Image
image/svg+xml 2606:4700:4400::ac40:9572
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.weglot.com/flags/rectangle_mat/es.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9572 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddc451027c83a11707ac910f223f84f7bc51f3881197223978e2a717efa64c57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:35 GMT
content-encoding: gzip
via: 1.1 28b2547a012b744c90796693b582d83c.cloudfront.net (CloudFront)
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P6
age: 14162786
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 16 Feb 2024 16:04:52 GMT
server: cloudflare
etag: W/"96b4be850a4d40bcea53825f0a5464ee"
vary: Accept-Encoding
content-type: image/svg+xml; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8b850dccdfef39e0-FRA
x-amz-cf-id: poKDUEZtkjcslQZisLvc827jSeg-jyeDy-dFkcYZvD_d5KtVmZ8BSw==
expires: Sun, 24 Aug 2025 17:27:35 GMT

GET
H3 200 cn.svg
cdn.weglot.com/flags/rectangle_mat/ 870 B
831 B 39ms
38ms Image
image/svg+xml 2606:4700:4400::ac40:9572
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.weglot.com/flags/rectangle_mat/cn.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9572 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e07c80556b70af6bdc1478f2a424afe7a876db3b7de55b067625e7d776a7ef22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:35 GMT
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 14167642
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 16 Feb 2024 16:04:52 GMT
server: cloudflare
etag: W/"7455bf10db798a12af88fab032be7fce"
vary: Accept-Encoding
content-type: image/svg+xml; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8b850dccdff039e0-FRA
x-amz-cf-id: 3-bXMzzLA7IBuyzgDJAWrnFaVUy2hh1CZlmmsY6NCeOgVB8Fu4WRnA==
expires: Sun, 24 Aug 2025 17:27:35 GMT

GET
H/1.1 200
OK event
ad.ipredictive.com/d/track/ Frame 3116 0
0 586ms
119ms Document
text/plain 54.147.249.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ipredictive.com/d/track/event?upid=108224&cache_buster=1724520455&url=https%3A%2F%2Fsetc.fintitan.com%2F%3Fmbsy_source%3Df97fa0e6-8468-481e-a21e-8aae43c152f1%26mbsy_exp%3DSun%2C%2B24%2BAug%2B2025%2B17%3A27%3A33%2BGMT%26campaignid%3D66917%26mbsy%3D6FndJ3%26ambassador_id%3D6FndJ3&p1=%5BButton+Name%5D
Requested by: Host: js.ipredictive.com
URL: https://js.ipredictive.com/adelphic_universal_pixel.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.147.249.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-147-249-115.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://setc.fintitan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 24 Aug 2024 17:27:35 GMT
X-CI-RTID: 73c1e411-38f6-4d29-8444-010a3fc8a51c

GET
DATA 200
OK truncated
/ 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9948ae846979246ddfe993e604739594ce0e7cdfa77657412b9b0090009dcf23

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 123ms
65ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:300,regular,500,700%7CInter:200,300,regular,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://setc.fintitan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:47:59 GMT
x-content-type-options: nosniff
age: 355176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:47:59 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ 33 KB
34 KB 164ms
106ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://setc.fintitan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:03:19 GMT
x-content-type-options: nosniff
age: 357856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34288
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:03:19 GMT

GET
H2 200 S6u8w4BMUTPHh30AXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 21 KB
21 KB 138ms
81ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHh30AXC-q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a79b4c65b454a795ff3868156f54be09ac8360b9fd3ba21431b5c48fd9b66afa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://setc.fintitan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 20:39:17 GMT
x-content-type-options: nosniff
age: 334098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21508
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:29:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 20:39:17 GMT

GET
H2 200 S6u-w4BMUTPHjxsIPx-oPCI.woff2
fonts.gstatic.com/s/lato/v24/ 17 KB
17 KB 160ms
103ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u-w4BMUTPHjxsIPx-oPCI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b19efe906c9b0345db45525ed83c76031644e39329a36d39badf5275bce363c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://setc.fintitan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 00:04:06 GMT
x-content-type-options: nosniff
age: 408209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17072
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:10:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 00:04:06 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 165ms
108ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://setc.fintitan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:11:11 GMT
x-content-type-options: nosniff
age: 357384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:11:11 GMT

GET
H2 200 S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 17 KB
17 KB 158ms
100ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI9w2_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://setc.fintitan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 14:54:23 GMT
x-content-type-options: nosniff
age: 441192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17728
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Aug 2025 14:54:23 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 159ms
102ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://setc.fintitan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 15:02:44 GMT
x-content-type-options: nosniff
age: 354291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 15:02:44 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 24 KB
24 KB 147ms
90ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://setc.fintitan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:08:03 GMT
x-content-type-options: nosniff
age: 357572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:14:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:08:03 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 155ms
98ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://setc.fintitan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:10:10 GMT
x-content-type-options: nosniff
age: 357445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:10:10 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 24 KB
24 KB 161ms
105ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://setc.fintitan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:56:25 GMT
x-content-type-options: nosniff
age: 354670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24448
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:56:25 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 22 KB
22 KB 127ms
70ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://setc.fintitan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:10:10 GMT
x-content-type-options: nosniff
age: 357445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:10:10 GMT

GET
H2 200 S6u_w4BMUTPHjxsI3wi_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 143ms
87ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI3wi_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://setc.fintitan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:16:15 GMT
x-content-type-options: nosniff
age: 357080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23736
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:11:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:16:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 141ms
85ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://setc.fintitan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 13:56:27 GMT
x-content-type-options: nosniff
age: 358268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18492
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 13:56:27 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 113ms
57ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://setc.fintitan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 14:58:07 GMT
x-content-type-options: nosniff
age: 440968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Aug 2025 14:58:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 135ms
79ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://setc.fintitan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:27:19 GMT
x-content-type-options: nosniff
age: 356416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18588
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:27:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 100ms
44ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://setc.fintitan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:13:05 GMT
x-content-type-options: nosniff
age: 357270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:13:05 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 47 KB
48 KB 76ms
21ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://setc.fintitan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 13:58:37 GMT
x-content-type-options: nosniff
age: 358138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48444
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 13:58:37 GMT

GET
H3 200 v2.js Show response
js.hsforms.net/forms/embed/ Frame A23F 483 KB
0 176ms
37ms Script
application/javascript 2606:4700::6812:8e77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8e77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfdf1af1a230e3ee08968606c4322f5a9c51a5a6bf341687fedac60716c9ddab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: br
x-amz-request-id: 648ZJHH4SQ5JKNW8
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
age: 259
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5781/bundles/project-v2.js&cfRay=8b8507755aa63659-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"07033d485ccfcdda144e7a4173dbc0bc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5781/bundles/project-v2.js
date: Sat, 24 Aug 2024 17:27:34 GMT
x-amz-version-id: __TkXxzKt.v8sm6CVT1EUR2QdTtEmM_4
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-hubspot-correlation-id: 884bfe8e-56f2-4e55-bd89-7fe33dbea815
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cfoDgcgpK9AIOAHP1d1eOczXQVoQ7/svJVgMJpRJQ0FbFgxii+qAY9Mp+8lh7xo0XeA010K5gYc=
x-request-id: 884bfe8e-56f2-4e55-bd89-7fe33dbea815
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 07 Aug 2024 13:25:19 UTC
server: cloudflare
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=csdh%2FFOI65AeGb%2BNv82McsMObEcKaGtQ4TMqZbyvYMeHECX2NB17xeWFOW3dm28yw7b60rrqykim0bxBgMhWuhxNoEDlBPiKkMVbLXQjS%2FGE85alm7mMEeMs2TwGD3rM2cHslb3Ft%2FSJX3Lm"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-sffzl
cf-ray: 8b850dcaff289107-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 136ms
32ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LQHXBMYWXW&gtm=45je48l0v9119472093za200&_p=1724520454983&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&gdid=dZGVlNj&cid=401623422.1724520455&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724520455&sct=1&seg=0&dl=https%3A%2F%2Fsetc.fintitan.com%2F%3Fmbsy_source%3Df97fa0e6-8468-481e-a21e-8aae43c152f1%26mbsy_exp%3DSun%252C%2B24%2BAug%2B2025%2B17%253A27%253A33%2BGMT%26campaignid%3D66917%26mbsy%3D6FndJ3%26ambassador_id%3D6FndJ3&dt=Self-employed%20Tax%20Credits%20%7C%20FFCRA%20Tax%20Credits&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3309
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQHXBMYWXW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Aug 2024 17:27:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://setc.fintitan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 54ms
29ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-F7LHNW6L5Y&gtm=45je48l0v9191435674za200&_p=1724520454983&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&gdid=dZGVlNj&cid=401623422.1724520455&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724520455&sct=1&seg=0&dl=https%3A%2F%2Fsetc.fintitan.com%2F%3Fmbsy_source%3Df97fa0e6-8468-481e-a21e-8aae43c152f1%26mbsy_exp%3DSun%252C%2B24%2BAug%2B2025%2B17%253A27%253A33%2BGMT%26campaignid%3D66917%26mbsy%3D6FndJ3%26ambassador_id%3D6FndJ3&dt=Self-employed%20Tax%20Credits%20%7C%20FFCRA%20Tax%20Credits&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3388
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F7LHNW6L5Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Aug 2024 17:27:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://setc.fintitan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
884 B 196ms
148ms Image
image/gif 2606:4700::6813:afbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:afbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: dbc9aeed-6212-4e39-a359-42ed0e76041e
x-envoy-upstream-service-time: 9
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: dbc9aeed-6212-4e39-a359-42ed0e76041e
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-c6g9r
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8b850dcfce12085a-FRA

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 206ms
46ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M494K7N

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 24 Aug 2024 17:27:35 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 51D06ACA8A9F4463B2F2D23CC6085A1F Ref B: FRA231050412023 Ref C: 2024-08-24T17:27:35Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14184

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 161ms
19ms Script
application/javascript 2a02:26f0:480:15::213:7e60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M494K7N

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:15::213:7e60 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=25504
accept-ranges: bytes
content-length: 14628

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 48ms
19ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 24 Aug 2024 17:27:35 GMT
document-policy: force-load-at-top
x-fb-server-load: 32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58912
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4329, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 1p+TCdHcVgv4MPYvgYE8FRHDgwCv+/hSQL+NyqB+yoqHiYSFEjT/7taknOC/aiRo2iSP9TRLjK9aSnRQDq594Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 288ms
126ms Script
application/javascript 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJVPLJ3C77U2Q32CH7J0&lib=ttq
Requested by: Host: setc.fintitan.com
URL: https://setc.fintitan.com/?mbsy_source=f97fa0e6-8468-481e-a21e-8aae43c152f1&mbsy_exp=Sun%2C+24+Aug+2025+17%3A27%3A33+GMT&campaignid=66917&mbsy=6FndJ3&ambassador_id=6FndJ3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bfe099dfb65c266ecb4cb6b9b9a3f961a76bd14aaaf1e0ea33eeb735140d5831

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: c5ebaaaf.e03ce9ee
date: Sat, 24 Aug 2024 17:27:35 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2408241727354D0764D299B387858BC7-3C4C4607D98BF1EA-00
x-cache: TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
x-parent-response-time: 95,2.20.179.79
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=8, inner; dur=3
content-length: 1862
pragma: no-cache
server: nginx
x-tt-logid: 202408241727354D0764D299B387858BC7
x-cache-remote: TCP_MISS from a23-220-104-215.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.104.215
x-tt-trace-host: 01d9080a2d25d242f218926392faff9e6dbbdd7fa258d5258f1e50ed80cae52e0c8743a21eba8f7f1d73e98c9f994ba0eaffb8939dc3ba36ca3d6c86cab53dfc1dad9665807d4c815b5ec40f836f3eb1347863daf02fe09a6de56a62e7b768a89705904b33156e41067e6417fc25c518d3
expires: Sat, 24 Aug 2024 17:27:35 GMT

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
848 B 130ms
130ms Image
image/gif 2606:4700::6813:afbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:afbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a669a0b5-923c-4a3a-9fd4-ef91e9010902
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a669a0b5-923c-4a3a-9fd4-ef91e9010902
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-c6g9r
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8b850dd03e58085a-FRA

GET
H2 200 / Show response
ipv4.podscribe.com/ 23 B
223 B 461ms
128ms Fetch
application/json 3.216.119.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv4.podscribe.com/
Requested by: Host: d34r8q7sht0t9k.cloudfront.net
URL: https://d34r8q7sht0t9k.cloudfront.net/tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.216.119.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-119-23.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: d5c8ae252a97f994ffbe603d7f92150bcbb77a9b5a942162ad5471e195e73a15

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 24 Aug 2024 17:27:36 GMT
server: awselb/2.0
access-control-allow-headers: *
content-length: 23
access-control-allow-methods: OPTIONS, GET, POST
content-type: application/json

GET
H3 200 3490847011234950 Show response
connect.facebook.net/signals/config/ 72 KB
14 KB 107ms
106ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3490847011234950?v=2.9.165&r=stable&domain=setc.fintitan.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2b4029bb8059d73b7c6bd5bf05239ebd07be1c0985307534b3ad8e1a1aee36d0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 24 Aug 2024 17:27:35 GMT
document-policy: force-load-at-top
x-fb-server-load: 22
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=74, mss=1232, tbw=66967, tp=63, tpl=0, uplat=85, ullat=0
pragma: public
x-fb-debug: hbySA4CULQ7FHWmCiDRQRHTYIgbKpviG9Sr78EK06aO+/4/fGLqU5uUBtiyx5APrrGmgrJ0iLKCBhyYDLzyH7A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
914 B 209ms
143ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 24 Aug 2024 17:27:36 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 072951D7BF174DD5AF313A5227237B10 Ref B: FRAEDGE1916 Ref C: 2024-08-24T17:27:35Z
linkedin-action: 1
vary: Origin
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
access-control-allow-origin: https://setc.fintitan.com
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYgcTUvzEQA9WOrrE54ag==

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
813 B 267ms
203ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=5459932&time=1724520455864&url=https%3A%2F%2Fsetc.fintitan.com%2F%3Fmbsy_source%3Df97fa0e6-8468-481e-a21e-8aae43c152f1%26mbsy_exp%3DSun%252C%2B24%2BAug%2B2025%2B17%253A27%253A33%2BGMT%26campaignid%3D66917%26mbsy%3D6FndJ3%26ambassador_id%3D6FndJ3&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:35 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 195D708ACABA47E09EF8ED2A45AC8074 Ref B: FRAEDGE1711 Ref C: 2024-08-24T17:27:35Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYgcTUwXfwVRRpCCwp1zA==
x-fs-uuid: 0006207135305dfc15451a420b0a75cc

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5459932&time=1724520455864&url=https%3A%2F%2Fsetc.fintitan.com%2F%3Fmbsy_source%3Df97fa0e6-8468-481e-a21e-8aae43c152f1%26mbsy_exp%3DSun%252C%2B24%...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5459932&time=1724520455864&url=https%3A%2F%2Fsetc.fintitan.com%2F%3Fmbsy_source%3Df97fa0e6-8468-481e-a21e-8aae43c152f1%26mbsy_exp%3DSun%252C%2B24...

0
264 B

257ms
192ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5459932&time=1724520455864&url=https%3A%2F%2Fsetc.fintitan.com%2F%3Fmbsy_source%3Df97fa0e6-8468-481e-a21e-8aae43c152f1%26mbsy_exp%3DSun%252C%2B24%2BAug%2B2025%2B17%253A27%253A33%2BGMT%26campaignid%3D66917%26mbsy%3D6FndJ3%26ambassador_id%3D6FndJ3&tm=gtmv2&e_ipv6=AQKht10p5AaE4QAAAZGFbd9jqX5-2WMR_3kTJ0vns1Cmn6iYUuqVZkkE6ELoihjYLgrWo6_GUGnxwQILiySJuM_NbHNTPQ
Requested by: Host: setc.fintitan.com
URL: https://setc.fintitan.com/?mbsy_source=f97fa0e6-8468-481e-a21e-8aae43c152f1&mbsy_exp=Sun%2C+24+Aug+2025+17%3A27%3A33+GMT&campaignid=66917&mbsy=6FndJ3&ambassador_id=6FndJ3
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:36 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 3E21847087754E8F8AED43CCA626CB3A Ref B: FRAEDGE1813 Ref C: 2024-08-24T17:27:36Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYgcTU0eQNJc/pcMWLhQw==

Redirect headers

date: Sat, 24 Aug 2024 17:27:36 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 60CADB876A454F868F8C3899EA80E332 Ref B: FRAEDGE1916 Ref C: 2024-08-24T17:27:35Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5459932&time=1724520455864&url=https%3A%2F%2Fsetc.fintitan.com%2F%3Fmbsy_source%3Df97fa0e6-8468-481e-a21e-8aae43c152f1%26mbsy_exp%3DSun%252C%2B24%2BAug%2B2025%2B17%253A27%253A33%2BGMT%26campaignid%3D66917%26mbsy%3D6FndJ3%26ambassador_id%3D6FndJ3&tm=gtmv2&e_ipv6=AQKht10p5AaE4QAAAZGFbd9jqX5-2WMR_3kTJ0vns1Cmn6iYUuqVZkkE6ELoihjYLgrWo6_GUGnxwQILiySJuM_NbHNTPQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYgcTUwXUkVopNhyQDjqQ==

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 64ms
19ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3490847011234950&ev=PageView&dl=https%3A%2F%2Fsetc.fintitan.com%2F%3Fmbsy_source%3Df97fa0e6-8468-481e-a21e-8aae43c152f1%26mbsy_exp%3DSun%252C%2B24%2BAug%2B2025%2B17%253A27%253A33%2BGMT%26campaignid%3D66917%26mbsy%3D6FndJ3%26ambassador_id%3D6FndJ3&rl=&if=false&ts=1724520455909&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724520455902.725523717631203953&cs_est=true&ler=empty&cdl=API_unavailable&it=1724520455766&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1328, tbw=2829, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 24 Aug 2024 17:27:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 163ms
119ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3490847011234950&ev=PageView&dl=https%3A%2F%2Fsetc.fintitan.com%2F%3Fmbsy_source%3Df97fa0e6-8468-481e-a21e-8aae43c152f1%26mbsy_exp%3DSun%252C%2B24%2BAug%2B2025%2B17%253A27%253A33%2BGMT%26campaignid%3D66917%26mbsy%3D6FndJ3%26ambassador_id%3D6FndJ3&rl=&if=false&ts=1724520455909&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724520455902.725523717631203953&cs_est=true&ler=empty&cdl=API_unavailable&it=1724520455766&coo=false&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x146a2d02483406ee","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:6688683374550903","7830:6688683374550903","10853:6688683374550903","41:6688683374550903","8046:6688683374550903"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sat, 24 Aug 2024 17:27:36 GMT
x-fb-server-load: 55
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7406758956060380132", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=15, mss=1328, tbw=3147, tp=-1, tpl=-1, uplat=93, ullat=0
pragma: no-cache
x-fb-debug: lvadOr580FYwHUBcqNClV/6AmbxdeIdmYeu+smUZCJut6iIno/cbg8fDcQ/ieWna1uKeAoB1RE6uyZdgD2ehUw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7406758956060380132"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 343075543.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 47ms
47ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/343075543.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

db088a62f06278e9cc2ce278fc156332efc60507710b5a0ada7c5ab3a6fad2b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sat, 24 Aug 2024 17:27:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 581AFA4D802E4D85A717B11E8AF75D56 Ref B: FRA231050412023 Ref C: 2024-08-24T17:27:35Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 200 343075543 Show response
www.clarity.ms/tag/uet/ 680 B
935 B 639ms
503ms Script
application/x-javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/343075543
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/343075543.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4197423e786388f9b1cb028c2222c14f7f156dd14d8fd362511f6b0934933757

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
date: Sat, 24 Aug 2024 17:27:36 GMT
x-azure-ref: 20240824T172736Z-167f4bf9998tkrhz7c88ce3ay400000005g000000000gcy5
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 680
expires: -1

GET
H2 204 0
bat.bing.com/action/ 0
180 B 46ms
44ms Image
text/plain 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343075543&tm=gtm002&Ver=2&mid=6d404a1a-3eab-4962-84ae-edd1fd9567bd&gtm_tag_source=1&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Self-employed%20Tax%20Credits%20%7C%20FFCRA%20Tax%20Credits&p=https%3A%2F%2Fsetc.fintitan.com%2F%3Fmbsy_source%3Df97fa0e6-8468-481e-a21e-8aae43c152f1%26mbsy_exp%3DSun%252C%2B24%2BAug%2B2025%2B17%253A27%253A33%2BGMT%26campaignid%3D66917%26mbsy%3D6FndJ3%26ambassador_id%3D6FndJ3&r=&lt=3006&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=343568

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 24 Aug 2024 17:27:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E76B9B20F1ED48F8BF873EFEE8EC9028 Ref B: FRA231050412023 Ref C: 2024-08-24T17:27:35Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTcwODM0ODQ4MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 326 KB
92 KB 26ms
26ms Script
application/javascript 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJVPLJ3C77U2Q32CH7J0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f2fc4f1cd87c40b0d83ea0542ba613b4337450bbdc0ef30c7f033ac04e4fac70

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: e03cee59
date: Sat, 24 Aug 2024 17:27:35 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024082300563130C4BA27D8F1A3EA490A
x-tt-trace-id: 00-24082300563130C4BA27D8F1A3EA490A-1488419360D26788-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 019d630b089d4e0b65c19623e1d580e30c0fdc5670a52f8cfb2b10c7f8b55cbdbcff1282858270312df36d859a02bf6a73c53428f4a47c8aef1265e4f4a6ab591c0416f5fe5e07b0b9b9faf40b598c8c99d34058dc1191e3f3b629829bcea095be
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3
content-length: 93173

GET
H2 200 identify_c2008b8c.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 40ms
37ms Script
application/javascript 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_c2008b8c.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: e03cf1c8
date: Sat, 24 Aug 2024 17:27:36 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202407291241428A0637CBFAAEB41DCF01
x-tt-trace-id: 00-2407291241428A0637CBFAAEB41DCF01-5E518F47C6012312-00
vary: Accept-Encoding
x-cache: TCP_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e33994960eedba4d9d64bb2cce523cc44cf9a1ceb6067a86a86c193f5f828f28bdf557cde35992181eb3e1ed8857856db1b699a90312147d7379f71cee1d04dd01e66feac1f106f50fe3bcde315804ca4d23cf41cda1e80b4cdebaad1c4e97a7
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 39594

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
878 B 160ms
159ms Ping
text/plain 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 73576178.e03cf2d6
date: Sat, 24 Aug 2024 17:27:36 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240824172736BB0FEC7424653E233841-3B8ACE7C96BA66FF-00
x-cache: TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
x-parent-response-time: 129,2.20.179.79
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=38, inner; dur=34
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240824172736BB0FEC7424653E233841
x-cache-remote: TCP_MISS from a23-48-100-142.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 38,23.48.100.142
x-tt-trace-host: 01d9080a2d25d242f218926392faff9e6dfdc929d7f38cd754232336c9af2135d71d6032c3cfaeb1c32d141ac18df0c50f79a9975e46b6429c4504122d34e7ceb60f93351bed9abd2c43ab54b3e56c59d0037482640ee094bc86e3d640d54f2f952c80eb82eb716d69067e49f20089a168
access-control-allow-headers: Authorization,*
expires: Sat, 24 Aug 2024 17:27:36 GMT

GET
H2 200 tag
verifi.podscribe.com/ 42 B
696 B 530ms
182ms Image
image/png 2600:1f10:4c2d:4711:743:a128:990e:f0c3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://verifi.podscribe.com/tag?action=view&user_id=30a6f746-1c4d-44d2-8996-3528316e9313&advertiser=adessocapital&referrer=_&device_id=pscrb_5f792b11-35c8-4ef4-e3f9-fcfcc3d8dea9&stid=&ipv4=84.19.175.165&url=https%3A%2F%2Fsetc.fintitan.com%2F%3Fmbsy_source%3Df97fa0e6-8468-481e-a21e-8aae43c152f1%26mbsy_exp%3DSun%252C%2B24%2BAug%2B2025%2B17%253A27%253A33%2BGMT%26campaignid%3D66917%26mbsy%3D6FndJ3%26ambassador_id%3D6FndJ3&event_url=https%3A%2F%2Fsetc.fintitan.com%2F%3Fmbsy_source%3Df97fa0e6-8468-481e-a21e-8aae43c152f1%26mbsy_exp%3DSun%252C%2B24%2BAug%2B2025%2B17%253A27%253A33%2BGMT%26campaignid%3D66917%26mbsy%3D6FndJ3%26ambassador_id%3D6FndJ3&source=js-tag+v1.0.4
Requested by: Host: setc.fintitan.com
URL: https://setc.fintitan.com/?mbsy_source=f97fa0e6-8468-481e-a21e-8aae43c152f1&mbsy_exp=Sun%2C+24+Aug+2025+17%3A27%3A33+GMT&campaignid=66917&mbsy=6FndJ3&ambassador_id=6FndJ3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f10:4c2d:4711:743:a128:990e:f0c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 24 Aug 2024 17:27:36 GMT
server: awselb/2.0
access-control-allow-headers: *
content-length: 42
access-control-allow-methods: OPTIONS, GET, POST
content-type: image/png

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
879 B 276ms
275ms Ping
text/plain 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: bb2a86f.e03cfa44
date: Sat, 24 Aug 2024 17:27:36 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24082417273696280A475ACCF14575D5-1DDAECA07B7BC5F3-00
x-cache: TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
x-parent-response-time: 238,2.20.179.79
server-timing: cdn-cache; desc=MISS, edge; dur=110, origin; dur=141, inner; dur=137
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024082417273696280A475ACCF14575D5
x-cache-remote: TCP_MISS from a23-201-31-167.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 141,23.201.31.167
x-tt-trace-host: 01d9080a2d25d242f218926392faff9e6dbbdd7fa258d5258f1e50ed80cae52e0c116cd95e7f7553a713cbe44db07dd8edd2b02fd577e15111d6d03ae5d5953b42ab008ba2f7adf86f7a644fc3a6a7ddf5a4c5dd30e14b03859127953d778af9b1f4c59a76bbbc8317d4665ed708e2681e
access-control-allow-headers: Authorization,*
expires: Sat, 24 Aug 2024 17:27:36 GMT

POST
H2 200 648e4dfb-e82f-4b5d-9f76-048a39530b09 Show response
forms-na1.hubspot.com/submissions-validation/v1/validate/21903561/ Frame A23F 2 B
703 B 205ms
203ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-na1.hubspot.com/submissions-validation/v1/validate/21903561/648e4dfb-e82f-4b5d-9f76-048a39530b09

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 24 Aug 2024 17:27:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b5e2fe29-0c49-42b2-be41-daf2614a0553
content-encoding: br
x-envoy-upstream-service-time: 70
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b5e2fe29-0c49-42b2-be41-daf2614a0553
server: cloudflare
access-control-max-age: 300
vary: origin
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://setc.fintitan.com
x-evy-trace-virtual-host: all
content-type: application/json;charset=utf-8
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-bfmm2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fO9Ke%2B287H4QGzsEoqyAE0rZJxYs9FNrLpXSjEr7b0OyfUnFyWNLQQXcd5eVv98CK5XzUL4Rnx5ztqFiG81kJ%2Fx%2Fud%2FFiLVTdalgc1Cpa5GBQZbbeuNTCoaIBgmRzjiybbKtGhOqYKA21WIuV7%2FhtY4PAw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b850dd90c433619-FRA
access-control-allow-headers: *

POST
H2 200 648e4dfb-e82f-4b5d-9f76-048a39530b09 Show response
forms-na1.hubspot.com/submissions-validation/v1/validate/21903561/ Frame A23F 2 B
781 B 200ms
199ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-na1.hubspot.com/submissions-validation/v1/validate/21903561/648e4dfb-e82f-4b5d-9f76-048a39530b09

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 24 Aug 2024 17:27:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 8a819c52-a56a-4fdc-996f-fb7797394c65
content-encoding: br
x-envoy-upstream-service-time: 68
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8a819c52-a56a-4fdc-996f-fb7797394c65
server: cloudflare
access-control-max-age: 300
vary: origin
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://setc.fintitan.com
x-evy-trace-virtual-host: all
content-type: application/json;charset=utf-8
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-m9z4b
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bRZyblSd67u8BsL59FkJ2cdSb3img4FAA0IaVOVGKkktc439HncKdZsn9JHa3DA8ZQvJWKW512ZWeiKgQ2wxEkADLV6JBCNKcbVrDkUS2h8sx9xavaIB5rQTfVp%2BmYQ9FAA9bGkuFQzE30kEYWQu2W1eLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b850dd92c623619-FRA
access-control-allow-headers: *

POST
H2 200 648e4dfb-e82f-4b5d-9f76-048a39530b09 Show response
forms-na1.hubspot.com/submissions-validation/v1/validate/21903561/ Frame A23F 2 B
961 B 362ms
361ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-na1.hubspot.com/submissions-validation/v1/validate/21903561/648e4dfb-e82f-4b5d-9f76-048a39530b09

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 24 Aug 2024 17:27:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 035ed78d-1113-4f87-837b-b76223a2f6d9
content-encoding: br
x-envoy-upstream-service-time: 63
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 035ed78d-1113-4f87-837b-b76223a2f6d9
server: cloudflare
access-control-max-age: 300
vary: origin
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://setc.fintitan.com
x-evy-trace-virtual-host: all
content-type: application/json;charset=utf-8
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-bfmm2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HtYGF6PSc4QSrOIoQogmnySpz0104R%2Bb2nGdMBMXMR6AXqnOWfw4eQg%2BaPoWIaqUQCvnfRLhMaHw8dsAxYL3V2EnyMrdKDSVgXRasx2PAIJjmOrFY7Fsq4er3FcOUuzENJmp%2Fy%2B32q%2B9P8Vt5YpPL1mbjw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b850dd80aa73619-FRA
access-control-allow-headers: *

POST
H2 200 648e4dfb-e82f-4b5d-9f76-048a39530b09 Show response
forms-na1.hubspot.com/submissions-validation/v1/validate/21903561/ Frame A23F 2 B
752 B 237ms
235ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-na1.hubspot.com/submissions-validation/v1/validate/21903561/648e4dfb-e82f-4b5d-9f76-048a39530b09

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 24 Aug 2024 17:27:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 12be3506-08ae-43af-9d69-623a5a48aec8
content-encoding: br
x-envoy-upstream-service-time: 68
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 12be3506-08ae-43af-9d69-623a5a48aec8
server: cloudflare
access-control-max-age: 300
vary: origin
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://setc.fintitan.com
x-evy-trace-virtual-host: all
content-type: application/json;charset=utf-8
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-bfmm2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=byrtddYqy4%2BGMunS%2FeCHV3QGHMsrW4A5Cwushvh8vgypXpfpwcDkIPPdL8l7zumjMsY4v4vUC0E3l9d%2FU1naC6AQtgfBTtkuEG9MNvETEnuYUE%2FP%2BarbgRQbldfxv%2B%2BqUl5JR%2FCKEJLA%2BL5ge9cH8oyBbw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b850dd80aaa3619-FRA
access-control-allow-headers: *

OPTIONS
H2 200 648e4dfb-e82f-4b5d-9f76-048a39530b09
forms-na1.hubspot.com/submissions-validation/v1/validate/21903561/ Frame 0
0 517ms
299ms Preflight
text/plain 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-na1.hubspot.com/submissions-validation/v1/validate/21903561/648e4dfb-e82f-4b5d-9f76-048a39530b09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://setc.fintitan.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://setc.fintitan.com
access-control-max-age: 300
allow: POST,OPTIONS
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 8b850dd719903619-FRA
content-encoding: gzip
content-type: text/plain; charset=utf-8
date: Sat, 24 Aug 2024 17:27:37 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MYN5Tl46hX1dXkoBq9qPk7BaSUjSRtKmVcWNHjkXUyW6np45wFr96e%2BwhXGHTGHjDa3lm3USe%2BMeNrOpYAaNURkLbrtWHOF5W2yKoRsmZL8%2FZvEGCjurOg26N2cFDwnnpPu%2FNR%2BrbRXdMtJPTE3kLtRbRw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-c6g9r
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 689f9667-d79a-4693-953a-1bf96dde7d9e
x-request-id: 689f9667-d79a-4693-953a-1bf96dde7d9e

OPTIONS
H2 200 648e4dfb-e82f-4b5d-9f76-048a39530b09
forms-na1.hubspot.com/submissions-validation/v1/validate/21903561/ Frame 0
0 541ms
323ms Preflight
text/plain 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-na1.hubspot.com/submissions-validation/v1/validate/21903561/648e4dfb-e82f-4b5d-9f76-048a39530b09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://setc.fintitan.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://setc.fintitan.com
access-control-max-age: 300
allow: POST,OPTIONS
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 8b850dd719923619-FRA
content-encoding: gzip
content-type: text/plain; charset=utf-8
date: Sat, 24 Aug 2024 17:27:37 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rkUR5asVmTIpqKLhIrAlTOsDN%2FBy48vGhyIE5X2wy2GXBS805pVjjMsQeAcwcHNSTUDnJMEdEEX2E3yS3mpehsUJQBGD033CKKp4nQnFKl0xJYGwxkpBvi19PW1NjavRGN7ciYdI8aQK1IMuyRsaHKqaBw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 4
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-svlbq
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: e1cf6fe8-e754-4711-b4d8-8863d15ab66b
x-request-id: e1cf6fe8-e754-4711-b4d8-8863d15ab66b

OPTIONS
H2 200 648e4dfb-e82f-4b5d-9f76-048a39530b09
forms-na1.hubspot.com/submissions-validation/v1/validate/21903561/ Frame 0
0 355ms
142ms Preflight
text/plain 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-na1.hubspot.com/submissions-validation/v1/validate/21903561/648e4dfb-e82f-4b5d-9f76-048a39530b09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://setc.fintitan.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://setc.fintitan.com
access-control-max-age: 300
allow: POST,OPTIONS
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 8b850dd719933619-FRA
content-encoding: gzip
content-type: text/plain; charset=utf-8
date: Sat, 24 Aug 2024 17:27:36 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=prXgxdH%2BTEvP3d8FaSCi9sYxyPFwD9kYWh4Gs8REChvG1o61DF8gMyaDklM%2BECxow8WvLVu7RaDW4zfj6h1txCkIrLKTTAkUFT25DwnIPHPROIa4VRF6wRUvodGZ2EP0lDC6QD2zYRenexym%2F2ksg4OdaA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 4
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-s7kfj
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: d11078aa-d9f5-4821-a27e-74f08fd5e0fa
x-request-id: d11078aa-d9f5-4821-a27e-74f08fd5e0fa

OPTIONS
H2 200 648e4dfb-e82f-4b5d-9f76-048a39530b09
forms-na1.hubspot.com/submissions-validation/v1/validate/21903561/ Frame 0
0 356ms
144ms Preflight
text/plain 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-na1.hubspot.com/submissions-validation/v1/validate/21903561/648e4dfb-e82f-4b5d-9f76-048a39530b09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://setc.fintitan.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://setc.fintitan.com
access-control-max-age: 300
allow: POST,OPTIONS
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 8b850dd719943619-FRA
content-encoding: gzip
content-type: text/plain; charset=utf-8
date: Sat, 24 Aug 2024 17:27:36 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kXYZPGg%2FS3YhRrtSlpEzKPPIbbkbb6tFajVI68FikY8bJ5L8mZUayy37jnkih14GAN0lxrYYvrozSTKvQNeCOW2JeAfN4A1tU55%2BKHcKv7EAho37Kfxj3erpFIRX5j1BbVmExdGEhtl7hQLBrQLv%2FQTmyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 5
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-c6g9r
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 3559391a-b227-429a-a724-f9b981349f1e
x-request-id: 3559391a-b227-429a-a724-f9b981349f1e

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.45/ 64 KB
27 KB 139ms
139ms Script
application/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.45/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/343075543
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:36 GMT
content-encoding: br
last-modified: Thu, 22 Aug 2024 12:43:26 GMT
etag: W/"0x8DCC2A804373A2A"
vary: Accept-Encoding
x-azure-ref: 20240824T172736Z-167f4bf9998tkrhz7c88ce3ay400000005g000000000gd0e
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 4ad2841a-e01e-0061-36b5-f40d98000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
281 B 1042ms
489ms XHR
text/plain 20.57.85.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.57.85.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://setc.fintitan.com
Date: Sat, 24 Aug 2024 17:27:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H3 200 66b4a40f35587f5b1cf1b0ff_Favicon.png
cdn.prod.website-files.com/66b4a2e7bffba00df442b7e5/ 2 KB
2 KB 33ms
32ms Other
image/png 2606:4700:4400::6812:22e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/66b4a2e7bffba00df442b7e5/66b4a40f35587f5b1cf1b0ff_Favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:22e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bea8943148fa59aa43d1d92f1a5428d4bc24348be7dc27e095d30aa3eb21f333

Request headers

Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 17:27:36 GMT
x-amz-version-id: .84xUnRnSMRNRTYX1ER29P_N57ZqVepy
cf-cache-status: HIT
x-amz-request-id: SF4MK1EZQNMDR1JK
age: 473376
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1735
x-amz-id-2: zZdfLnmupR9zT1d+G88XTi5IEJVxJFuY7DaXyeM6bRPJUZ3FDZ/tdq/b36pJEXDkPECJ+jNTPuI=
last-modified: Thu, 08 Aug 2024 10:55:12 GMT
server: cloudflare
etag: "4914d7ed3096ad40d5e59f44522f6947"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 8b850dd7dc22bbcb-FRA

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
281 B 116ms
112ms XHR
text/plain 20.57.85.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.57.85.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://setc.fintitan.com
Date: Sat, 24 Aug 2024 17:27:38 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
281 B 113ms
112ms XHR
text/plain 20.57.85.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.57.85.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://setc.fintitan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://setc.fintitan.com
Date: Sat, 24 Aug 2024 17:27:40 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ffcraconsulting.com/	1969-12-31 23:59:59	Name: crumb Value: BSDMeqlXGLZ9OGY1MGZhN2NiOWE3MmNiMjg2M2VlMTRmYWVlZmIz
.share.ertc.com/	1970-01-21 07:47:36	Name: mbsyertc Value: %7B%22short_code%22%3A+%226FndJ3%22%2C+%22campaign_uid%22%3A+66917%7D
.share.ertc.com/	1970-01-21 07:47:36	Name: mbsy0641da2f-f8fc-4883-8663-1c87f1b28fca Value: %7B%22mbsy_cookie_code%22%3A+%226FndJ3%22%2C+%22mbsy_cookie_campaign%22%3A+66917%2C+%22mbsy_source%22%3A+%22d985cbb6-38aa-4518-b632-ed307910cae3%22%7D
.blue.mbsy.co/	1970-01-21 07:47:36	Name: mbsyertc Value: %7B%22short_code%22%3A+%226FndJ3%22%2C+%22campaign_uid%22%3A+66917%7D
.blue.mbsy.co/	1970-01-21 07:47:36	Name: mbsy0641da2f-f8fc-4883-8663-1c87f1b28fca Value: %7B%22mbsy_cookie_code%22%3A+%226FndJ3%22%2C+%22mbsy_cookie_campaign%22%3A+66917%2C+%22mbsy_source%22%3A+%22f97fa0e6-8468-481e-a21e-8aae43c152f1%22%7D
.hsforms.net/	1970-01-20 23:02:02	Name: __cf_bm Value: TAPHIuGRRl3WYSUMOrucxpZexAAYQb8p_iJmNJNjOds-1724520454-1.0.1.1-rowM3h_kd9RjX9WtPjD_Waji6vwps3Zr.2E7K2zX_eoajPDEA1KKamrrZUH2Yo1wHLhED5rscZnJ7XfwmEkNuA
.fintitan.com/	1970-01-21 08:38:00	Name: _ga_LQHXBMYWXW Value: GS1.1.1724520455.1.0.1724520455.0.0.0
.fintitan.com/	1970-01-21 08:38:00	Name: _ga Value: GA1.1.401623422.1724520455
.fintitan.com/	1970-01-21 08:38:00	Name: _ga_F7LHNW6L5Y Value: GS1.1.1724520455.1.0.1724520455.0.0.0
.fintitan.com/	1970-01-21 01:11:36	Name: _gcl_au Value: 1.1.1348215546.1724520456
.fintitan.com/	1970-01-21 07:47:36	Name: __podscribe_adessocapital_referrer Value: _
.fintitan.com/	1970-01-21 07:47:36	Name: __podscribe_adessocapital_landing_url Value: https://setc.fintitan.com/?mbsy_source=f97fa0e6-8468-481e-a21e-8aae43c152f1&mbsy_exp=Sun%2C+24+Aug+2025+17%3A27%3A33+GMT&campaignid=66917&mbsy=6FndJ3&ambassador_id=6FndJ3
.fintitan.com/	1970-01-21 07:47:36	Name: __podscribe_did Value: pscrb_5f792b11-35c8-4ef4-e3f9-fcfcc3d8dea9
.ipredictive.com/	1970-01-21 07:47:36	Name: cu Value: 21c27858-00f9-48a3-8ebb-a0e3dd54d090\|1724520455743
.hsforms.com/	1970-01-20 23:02:02	Name: __cf_bm Value: 3RBd2CFokv0XRk0f3qgWTurl6vhvZQ00Ppwc_2WlAvg-1724520455-1.0.1.1-ZgY4Oeny8XSvuTV1OBH79eT3T2wiHAEbVM2XLoXq3VllsWpmBf9l1_UfmtmJk01MQ9n3bG8KsSH4RprSXKKQZA
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: FJWnIyacKL9POODQJNPeuKpPa8T4xdoCy0dcun0pCbY-1724520455823-0.0.1.1-604800000
.fintitan.com/	1970-01-21 01:11:36	Name: _fbp Value: fb.1.1724520455902.725523717631203953
.tiktok.com/	1970-01-21 08:23:36	Name: _ttp Value: 2l79sg9g6kfJSJftpQEOmbYu5lM
.fintitan.com/	1970-01-21 08:23:36	Name: _tt_enable_cookie Value: 1
.fintitan.com/	1970-01-21 08:23:36	Name: _ttp Value: Kf09KUJHsF2-fSr8LpJV0qnEOqj
.linkedin.com/	1970-01-21 07:47:36	Name: bcookie Value: "v=2&033defec-6e66-4f9d-8b84-d09dd7857279"
.linkedin.com/	1970-01-21 03:21:12	Name: li_gc Value: MTswOzE3MjQ1MjA0NTY7MjswMjFVAjE1u3WYWBUR0OkafI3JdMjmUryuhhzXSOR0p+x8Aw==
.linkedin.com/	1970-01-20 23:03:26	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3330:u=1:x=1:i=1724520456:t=1724606856:v=2:sig=AQEvmNqlcnI2Ss08mkMfIakO5DW-iPz5"
.podscribe.com/	1970-01-21 07:47:40	Name: _podscribe_adessocapital_landing_url Value: https%3A%2F%2Fsetc.fintitan.com%2F%3Fmbsy_source%3Df97fa0e6-8468-481e-a21e-8aae43c152f1%26mbsy_exp%3DSun%252C%2B24%2BAug%2B2025%2B17%253A27%253A33%2BGMT%26campaignid%3D66917%26mbsy%3D6FndJ3%26ambassador_id%3D6FndJ3
.podscribe.com/	1970-01-21 07:47:40	Name: _podscribe_adessocapital_referrer Value: _
.podscribe.com/	1970-01-21 07:47:40	Name: _podscribe_did Value: pscrb_5f792b11-35c8-4ef4-e3f9-fcfcc3d8dea9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.ipredictive.com
ajax.googleapis.com
analytics.tiktok.com
bat.bing.com
blue.mbsy.co
cdn.jsdelivr.net
cdn.prod.website-files.com
cdn.weglot.com
connect.facebook.net
d34r8q7sht0t9k.cloudfront.net
d3e54v103j8qbb.cloudfront.net
e.clarity.ms
ffcraconsulting.com
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms-na1.hubspot.com
forms.hsforms.com
ipv4.podscribe.com
js.hsforms.net
js.ipredictive.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
setc.fintitan.com
share.ertc.com
snap.licdn.com
unpkg.com
verifi.podscribe.com
www.clarity.ms
www.facebook.com
www.googletagmanager.com
13.107.42.14
198.185.159.145
2.18.64.15
20.57.85.160
2001:4860:4802:32::36
2600:1f10:4c2d:4711:743:a128:990e:f0c3
2600:9000:275d:d400:1b:e40d:4a00:21
2606:4700:20::681a:ca0
2606:4700:4400::6812:22e3
2606:4700:4400::ac40:9572
2606:4700::6810:7674
2606:4700::6811:f7cb
2606:4700::6812:50cc
2606:4700::6812:8e77
2606:4700::6813:afbc
2620:1ec:21::14
2620:1ec:33::10
2620:1ec:bdf::44
2a00:1450:4001:81c::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2008
2a02:26f0:480:15::213:7e60
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42::485
3.165.190.90
3.216.119.23
44.196.228.151
52.17.119.105
52.222.232.47
54.147.249.115
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0c869c7509c16f3380eb2be6af25ab26b198dbc229daa3f1f3a6aa2d5ce061eb
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
2414105eb80101109e80569aeabf0faec5ca37e57bf7cae5ddb7d337c3538ee4
264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15
2b4029bb8059d73b7c6bd5bf05239ebd07be1c0985307534b3ad8e1a1aee36d0
2fb3034df4b523a32a725cd3a9ffdc0cf73b22022e803505d9c38ab5ea769ca1
35638404c448909f695c198049e27b151876151b68f65e4f8d183ede75150e14
4197423e786388f9b1cb028c2222c14f7f156dd14d8fd362511f6b0934933757
432ff2201f19cc20b284d447d596d8b4a35835cdee2053e63c37ee41eb4d6e91
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4714a6d5973c75f99807fe5b7b32f21730f298ddc6d57f723d9fce01e901e912
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3
56d9cfdacfa806112cbcee726f204bcff890f3b3218d479d9a77072f1ca66e5e
5bdc23f1bc704f76d0f61d227e8b2a17bdfd83454c13dfebe9d3b4cb2f05f8d4
60c203a33188941cc419c8cb1fcc8d3099a07806700e5a1fb9a3e120947ce761
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6f70126889c376c3871cf9c8e4cc845462a5eae86398dd6834344ba90bff8448
720d4a3364adb0f6dab95c8339fc8538a4388e302b8a8173d401e8471998ebf1
79cd7122dde927f16dfc9fa2d180a207c5cacf0eeca575f62cdac1961f65e33e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
9272231d83750052eb424ba589b26945e892c4a8541a1215521c74198b083e33
9948ae846979246ddfe993e604739594ce0e7cdfa77657412b9b0090009dcf23
9f2926504d61d971160c1b7a5891313062cd0cab673e787d51c3ecd58b6cfba8
a79b4c65b454a795ff3868156f54be09ac8360b9fd3ba21431b5c48fd9b66afa
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aae59fb5ab6d4813c590e022a7bcbfe88cd74c6dc0d89456e0faea78ad88c3dd
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
af43312bae6285ed7a1da7aa13091a4223d7fe7d2f56ca7f2d8c9706b5730a34
b19efe906c9b0345db45525ed83c76031644e39329a36d39badf5275bce363c2
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bea8943148fa59aa43d1d92f1a5428d4bc24348be7dc27e095d30aa3eb21f333
bfe099dfb65c266ecb4cb6b9b9a3f961a76bd14aaaf1e0ea33eeb735140d5831
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ce546db09aaf64a40e42d90ac771f26b72d86f24bca661c516bfe4d4d1fcd296
d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2
d5c8ae252a97f994ffbe603d7f92150bcbb77a9b5a942162ad5471e195e73a15
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
db088a62f06278e9cc2ce278fc156332efc60507710b5a0ada7c5ab3a6fad2b7
ddc451027c83a11707ac910f223f84f7bc51f3881197223978e2a717efa64c57
dfdf1af1a230e3ee08968606c4322f5a9c51a5a6bf341687fedac60716c9ddab
e07c80556b70af6bdc1478f2a424afe7a876db3b7de55b067625e7d776a7ef22
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e493cde6c7936671180ff967ed6bcd631ff4b82875d06e80b51ee7fea0dbd481
eb86c1c96aabe40a23510dab283f2714743c8e38ad4f7c69fb10c5694e821788
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f2fc4f1cd87c40b0d83ea0542ba613b4337450bbdc0ef30c7f033ac04e4fac70
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

setc.fintitan.com Open in urlscan Pro 52.17.119.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

99 %HTTPS

69 %IPv6

25 Domains

32 Subdomains

30 IPs

3 Countries

1508 kBTransfer

4206 kBSize

26 Cookies

5 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

setc.fintitan.com Open in urlscan Pro
52.17.119.105 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

99 %
HTTPS

69 %
IPv6

25
Domains

32
Subdomains

30
IPs

3
Countries

1508 kB
Transfer

4206 kB
Size

26
Cookies

80 HTTP transactions
1 data transactions