www.iconsavingsplan.com Open in urlscan Pro
141.193.213.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.sidekickopen60.com/s3t/c/5/f18dQhb0S7kF8bpVlRW1bxh-y59hl3kW7_k2841CX6NGW36PYz12P38RyW7vZrg96fd7f4f197v5Y04?pi=e8fdc...
Effective URL:
https://www.iconsavingsplan.com/
Submission: On November 01 via api (November 1st 2022, 5:00:45 pm UTC) from IE — Scanned from DE

Summary HTTP 104 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 26 domains to perform 104 HTTP transactions. The main IP is 141.193.213.10, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.iconsavingsplan.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 17th 2022. Valid for: a year.

This is the only time www.iconsavingsplan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:440... 2606:4700:4400::ac40:90fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	141.193.213.10 141.193.213.10	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:ba49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1 3	2600:9000:226... 2600:9000:2260:6e00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:70b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:81ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.245.242.222 34.245.242.222	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:5905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	108.138.17.98 108.138.17.98	16509 (AMAZON-02) (AMAZON-02)
3	99.86.4.13 99.86.4.13	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5705	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.208.176.252 3.208.176.252	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
104	29

1 2606:4700:4400::ac40:90fc (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.sidekickopen60.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.iconsavingsplan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ba49 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2260:6e00:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:70b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:81ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.245.242.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-245-242-222.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.98 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-98.fra56.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-13.fra6.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET, US)

perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.208.176.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-176-252.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	iconsavingsplan.com www.iconsavingsplan.com	4 MB
11	gstatic.com www.gstatic.com fonts.gstatic.com	630 KB
8	google.com www.google.com — Cisco Umbrella Rank: 17	84 KB
4	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 7056 perf.hsforms.com — Cisco Umbrella Rank: 20576	2 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 815 www.linkedin.com — Cisco Umbrella Rank: 745 px4.ads.linkedin.com — Cisco Umbrella Rank: 7246	3 KB
4	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1420	8 KB
4	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 3118 d.adroll.com — Cisco Umbrella Rank: 2070	22 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	263 KB
3	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 4898	201 KB
3	intercom.io 1 redirects widget.intercom.io — Cisco Umbrella Rank: 5727 api-iam.intercom.io — Cisco Umbrella Rank: 4913	5 KB
3	hubspot.com forms.hubspot.com — Cisco Umbrella Rank: 5144 track.hubspot.com — Cisco Umbrella Rank: 4040	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97 region1.google-analytics.com — Cisco Umbrella Rank: 2041	20 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	132 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 616	12 KB
2	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 5454	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3590	565 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	203 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	2 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 3824	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 3839	20 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 7510	23 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 5525	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 11397	148 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 4088	932 B
1	sidekickopen60.com 1 redirects t.sidekickopen60.com — Cisco Umbrella Rank: 369563	430 B
104	26

	Domain	Requested by
37	www.iconsavingsplan.com	www.iconsavingsplan.com
8	www.gstatic.com	www.google.com www.gstatic.com
8	www.google.com	www.iconsavingsplan.com js.hsforms.net www.gstatic.com www.google.com
4	snap.licdn.com	www.googletagmanager.com snap.licdn.com js.hsadspixel.net
4	www.googletagmanager.com	www.iconsavingsplan.com www.googletagmanager.com js.hsadspixel.net
3	fonts.gstatic.com
3	js.intercomcdn.com	widget.intercom.io
3	forms.hsforms.com	js.hsforms.net
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	bat.bing.com	www.iconsavingsplan.com bat.bing.com
3	s.adroll.com	1 redirects www.iconsavingsplan.com
2	api-iam.intercom.io	js.intercomcdn.com
2	track.hubspot.com
2	api.hubapi.com	js.hsadspixel.net
2	www.google.de	www.iconsavingsplan.com
2	www.facebook.com	www.iconsavingsplan.com
2	px.ads.linkedin.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	perf.hsforms.com
1	widget.intercom.io	1 redirects
1	forms.hubspot.com	js.hscollectedforms.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	d.adroll.com	s.adroll.com
1	px4.ads.linkedin.com	www.iconsavingsplan.com
1	www.linkedin.com	1 redirects
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	fonts.googleapis.com	www.iconsavingsplan.com
1	js.hsforms.net	www.iconsavingsplan.com
1	js.hs-scripts.com	www.iconsavingsplan.com
1	t.sidekickopen60.com	1 redirects
104	35

This site contains links to these domains. Also see Links.

Domain
employer.iconsavingsplan.com
my.iconsavingsplan.com
www.google.com
support.iconsavingsplan.com
www.facebook.com
www.linkedin.com
medium.com
twitter.com
www.youtube.com
www.apexclearing.com
www.finra.org
www.sipc.org

Subject Issuer	Validity	Valid
www.iconsavingsplan.com Cloudflare Inc ECC CA-3	`2022-03-17` - `2023-03-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
s.adroll.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-11` - `2022-11-09`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2022-08-10` - `2023-09-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.intercomcdn.com Amazon	`2022-01-30` - `2023-02-28`	a year	crt.sh
*.intercom.com Amazon	`2022-03-16` - `2023-04-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.iconsavingsplan.com/
Frame ID: EC8632FFA0DA64E55527FEB43A9974D7
Requests: 83 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: EEBF4B004F6658B8FC74AB6589A568CB
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.cecfaaa5.js
Frame ID: 32E03798F9D1511EB4DE167BAB1DC32A
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuaWNvbnNhdmluZ3NwbGFuLmNvbTo0NDM.&hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&size=invisible&badge=inline&cb=hsnbdrw4zzm5
Frame ID: ABD48485C765E22F0AD31C27693AF65D
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: CE74A165987407BFE57D8A9E5634DD6B
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Retirement Savings Plans for the Modern Workforce | Icon Savings Planicon-play-button

Page URL History Show full URLs

https://t.sidekickopen60.com/s3t/c/5/f18dQhb0S7kF8bpVlRW1bxh-y59hl3kW7_k2841CX6NGW36PYz12P38RyW7vZrg96fd7... HTTP 307
https://www.iconsavingsplan.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

104
Requests

97 %
HTTPS

81 %
IPv6

26
Domains

35
Subdomains

29
IPs

4
Countries

5479 kB
Transfer

10963 kB
Size

27
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://employer.iconsavingsplan.com/login
Title: Employer Login

Search URL Search Domain Scan URL

URL: https://my.iconsavingsplan.com/login
Title: Individual Login

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/422+NW+13th+Ave+%23823,+Portland,+OR+97209/@45.5262534,-122.6840549,17z/data=!3m1!4b1!4m5!3m4!1s0x549509f8ba110bd1:0xc140bdf496c2080b!8m2!3d45.5262534!4d-122.6840549
Title: 422 NW 13th Ave #823, Portland, Oregon 97209

Search URL Search Domain Scan URL

URL: https://support.iconsavingsplan.com/
Title: FAQs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/IconSavingsPlan/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/icon-savings-plan/about/

Search URL Search Domain Scan URL

URL: https://medium.com/@IconSavingsPlan

Search URL Search Domain Scan URL

URL: https://twitter.com/iconsavingsplan?lang=en

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCtBNicuTTARWEPXj3ANzUWw

Search URL Search Domain Scan URL

URL: https://www.apexclearing.com/
Title: Apex Clearing Corporation

Search URL Search Domain Scan URL

URL: http://www.finra.org/
Title: FINRA

Search URL Search Domain Scan URL

URL: https://www.sipc.org/
Title: SIPC

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.sidekickopen60.com/s3t/c/5/f18dQhb0S7kF8bpVlRW1bxh-y59hl3kW7_k2841CX6NGW36PYz12P38RyW7vZrg96fd7f4f197v5Y04?pi=e8fdc4e9-20a2-4d36-feda-a31cbd3be2b2&si=8000000023451397&te=W3R5hFj4cm2zwW4mKLS-3SYMF2W4cGpkL41S8pvW3ZSz4q3Fbt5S0 HTTP 307
https://www.iconsavingsplan.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://s.adroll.com/j/exp/FO6ZKK6AC5ETJFOQ36SFLJ/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 51

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3797457&time=1667322038576&url=https%3A%2F%2Fwww.iconsavingsplan.com%2F&tm=gtmv2 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3797457%26time%3D1667322038576%26url%3Dhttps%253A%252F%252Fwww.iconsavingsplan.com%252F%26tm%3Dgtmv2%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3797457&time=1667322038576&url=https%3A%2F%2Fwww.iconsavingsplan.com%2F&tm=gtmv2&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3797457&time=1667322038576&url=https%3A%2F%2Fwww.iconsavingsplan.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQLfBI3MHwohMwAAAYQ0I0t4jzrcX0vNVeMihh3HVEeue1Pxntou_KsUqdssaLvFUQ

Request Chain 68

https://widget.intercom.io/widget/jhrlzhsl HTTP 302
https://js.intercomcdn.com/shim.latest.js

104 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.iconsavingsplan.com/
Redirect Chain

https://t.sidekickopen60.com/s3t/c/5/f18dQhb0S7kF8bpVlRW1bxh-y59hl3kW7_k2841CX6NGW36PYz12P38RyW7vZrg96fd7f4f197v5Y04?pi=e8fdc4e9-20a2-4d36-feda-a31cbd3be2b2&si=8000000023451397&te=W3R5hFj4cm2zwW4mK...
https://www.iconsavingsplan.com/

97 KB
22 KB

775ms
703ms

Document
text/html

141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iconsavingsplan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 79a940f065036052aeddeeb00d62bea91b8d3c906e85d83073349888c8997717

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7636300d18d76997-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 01 Nov 2022 17:00:37 GMT
link: <https://www.iconsavingsplan.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q16fI3LLX%2BNhiI9S32ZocKx8d9o0cUZhEX%2BspcQDj2925cI2rqz9Nh1lFubwyP3KkQ%2B4ZzvtX4s0zyFNETT2fxJ2nJvSb%2FbCaLVoUyAWWkTitvZSyu6Ftu06WD1gGBKIHWwBzzkh8nFY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

Redirect headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 7636300a8fc3bba1-FRA
date: Tue, 01 Nov 2022 17:00:37 GMT
link: <https://www.iconsavingsplan.com/>; rel="canonical"
location: https://www.iconsavingsplan.com/
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-hubspot-correlation-id: 62568988-fe93-4bc6-9254-bd11e34089bc
x-robots-tag: none

GET
H2 200 style.css
www.iconsavingsplan.com/wp-content/themes/narpp/build/ 671 KB
94 KB 45ms
43ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/style.css?ver=1620932940
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf8740d17d6107873274925950825ccb234581145cdbc2f52b17b0e2d96ea147

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Oct 2022 20:17:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24303
etag: W/"6351acf5-a7d47"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWRjfPy6B%2BbtmMYayHXcP%2FS1Dh1RzL3HxegSNYI1Jnv6A0BIwKJeau1VjW0Ckrck1Abi2v3f72MauScS97u7TwJq06FFf8qT2HsEDEkciCVQaR6O8CkLRS%2BQbWP1b6AI%2B8OdBzN8%2FfeM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 763630118ac26997-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
www.iconsavingsplan.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 29ms
28ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iconsavingsplan.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24303
etag: W/"62c2d8bd-15b64"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GO1CAgCV5oKg%2FYfApdgSzNak6%2BnSA0t5fY49iwpEjnf8pC5t%2FtQR%2BGxlkF8FY4aLFxeeY4xH9i7IbQOf9DzHW2%2FNeMewSoBnCauew8D66vhnCHCwyjKw937YWewJWAsMWoNhtTMccUDV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 763630118ac56997-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
www.iconsavingsplan.com/wp-content/themes/narpp/build/ 671 KB
94 KB 83ms
82ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/style.css?ver=1666297077
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf8740d17d6107873274925950825ccb234581145cdbc2f52b17b0e2d96ea147

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Oct 2022 20:17:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24303
etag: W/"6351acf5-a7d47"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpBgYNAswjjLOgTUdbN8gqdGLuqMVs1SnjezC53fNk%2FfDonZpdQ3TRypXz1mmKaZUMXKdmfIFxlIhZq%2FpkA0WdG%2FJhIk6iF%2BcGBnJrfwzQrqowvQ%2BPGZVimj6Xa001adoARhLdwoUHnX"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 763630118ac76997-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sassy-social-share-public.css
www.iconsavingsplan.com/wp-content/plugins/sassy-social-share/public/css/ 9 KB
3 KB 43ms
41ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iconsavingsplan.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.43
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87e1ed8c94d134e4e068a17891d3dad0d122ee052bf061da0ca0e87b3da75069

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Sep 2022 17:24:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 80859
etag: W/"63235fc1-25e4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXKLTWcP6V6WrvDj1TKjmfOBMlmtRr%2FyPQ2qqHpRlAiewJHVhMz%2BKBXKUsihz2p3Iw6lsN7dBtuf3XGt8%2FadwDs17jQwrqeI%2FdKHQ1Nz%2FbsOc9Um0psKeYUWy%2FjC0SrOk1K5NsAMv%2FKs"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 763630118ac96997-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
www.iconsavingsplan.com/wp-includes/js/jquery/ 87 KB
32 KB 36ms
36ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iconsavingsplan.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 99774
etag: W/"6048e0ac-15db1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8v8vnIp1TAf%2FfJjQxQookAcVU0DcnxjMZYTLsHU8KjJFXTRf1S1wc5Zjy5AfCkz7JHIutPgGZNY%2FgQWXpDAGounGVt9nJeKNg1kk53DKm%2FFAMz5ilgeVngXy%2Bigj925ohg97zcw7bcxW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 763630118aca6997-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
www.iconsavingsplan.com/wp-includes/js/jquery/ 11 KB
5 KB 32ms
31ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iconsavingsplan.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24303
etag: W/"5fb4e3fe-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncpvs9aTDizq5gPUWKRMWrgEg4ph1agMiPXM7sP%2BlIEKQVYXGBVRynA2Qw9CKwKUkNA6epgLkbZnqNr1ptmNT0pzOZv24g4iAYTnSSTmMG%2BGA6j%2BVz7275ULFKu6XlAa6jcgyLaCcJJE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 763630118acc6997-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 7365448.js Show response
js.hs-scripts.com/ 2 KB
932 B 211ms
169ms Script
application/javascript 2606:4700::6811:d3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/7365448.js
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9bc4995e2a6f5c525c432eacd4129ba934ca76afd593bb98ae5d8fbe96dc4ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 01 Nov 2022 10:16:42 GMT
server: cloudflare
x-hubspot-correlation-id: 18dba674-1feb-47c3-88ea-e66c299537f8
x-trace: 2BDA7F692589C0B70819C429EE81F93B040FFCE5E6000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.iconsavingsplan.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 76363012cff2bb5b-FRA
expires: Tue, 01 Nov 2022 17:01:38 GMT

GET
H3 200 plus.svg
www.iconsavingsplan.com/wp-content/themes/narpp/build/img/ 234 B
657 B 49ms
38ms Image
image/svg+xml 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/img/plus.svg
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75a254fd0807561caf8d718822aded2facb0a66adb26335c30d418b95cd254d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 17 Dec 2021 00:33:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6
etag: W/"61bbdad9-ea"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nGM6PawdOwGin8nhJnrwnCa1BnWGXdV%2BjtYrcq31VRrH%2FFpBrSj3j9GnXbkMN3K2WxFRc2ODTO3%2B%2BKtvjcs1tTpbOxFCwLqbij5T6XjcFms7Fx9uPuv%2BfCSoOp8BBEqOqj%2BzlUIOJvy"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 763630129836bbb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 minus.svg
www.iconsavingsplan.com/wp-content/themes/narpp/build/img/ 175 B
629 B 68ms
57ms Image
image/svg+xml 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/img/minus.svg
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16fb3e33a4eae29cd087cbf10db6704a427ecfc9a4c1f9a8b423173f56043b5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 17 Dec 2021 00:33:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6
etag: W/"61bbdae1-af"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yX2OxDdbLRJwHymfaYybJyoQWrQtN7IV1vhi4c8Fg76CFO5MF1wzMRhcbMefx4zE1XNO77X3uHZCDIpaqSwcsAEfEnbR8tp8tRi7GnigYWQn1qgo%2Bvxkdeqcelu%2BABguRcq0Ny%2FFOiJ6"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 763630129838bbb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 money.svg
www.iconsavingsplan.com/wp-content/uploads/2019/11/ 156 KB
111 KB 49ms
38ms Image
image/svg+xml 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/uploads/2019/11/money.svg
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4654185f06362ec9aa3916461b3d5de012c0e8730a65e81eb5a6af632ba59a59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 22:26:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6
etag: W/"5dbcb10d-26ff5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BlSQ3SVIjQ0U1vZXz0nzvWCfyAZMpK8Ei0IF8Pcyp2j%2FO4vVoUpAjws8%2BWlk5BkdPbwG%2F79BSq2U%2B9sb9JwFhf14EfNJ0nz32XmYbGYYW9QCQcuYSgxgBzj9IqRCyffIXjMCYsjMXH%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76363012983fbbb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 forbes.svg
www.iconsavingsplan.com/wp-content/uploads/2019/11/ 233 KB
159 KB 87ms
77ms Image
image/svg+xml 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/uploads/2019/11/forbes.svg
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20ca529c38cc18eb7857e29020e3c45d4b6371419405ba10d914efd6f86a4a1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 22:26:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5
etag: W/"5dbcb124-3a39b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOFchWmF7Hk7ryLC%2FcLcbt9e1O4Gz%2BVbnju0RW1BaXQlmNvykV0NMXaWUI7c3OvXRKJRAqsNL7pXZLdaOJpEZTkW495Tqcs%2BWxtiBU0kQUYsgvvJb0Leyi0eYqiLvEvHica6kFCCUGqa"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 763630129842bbb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 hrt-1.svg
www.iconsavingsplan.com/wp-content/uploads/2017/06/ 221 KB
166 KB 92ms
81ms Image
image/svg+xml 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/uploads/2017/06/hrt-1.svg
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45e2e18507b4fd695307516f8c89f9e1aa57245d8a02f23222d1ca5ab705d569

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Jun 2022 21:29:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6
etag: W/"6297da35-37255"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDTBoJzwnWB5cX2jfBjoN4Toh5Iapa5p%2BxFEIJVAr8uDl7F7YyPNYKfsXeS%2FflUmhdUeLJTZhLqKhJ63vCpx73Pn4DqGey01dqXzFEqdBpT8uwP7lmsB1KoYv7%2FBpcADgJ1fCf1mqzsL"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 763630129843bbb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 market.svg
www.iconsavingsplan.com/wp-content/uploads/2019/11/ 16 KB
11 KB 98ms
87ms Image
image/svg+xml 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/uploads/2019/11/market.svg
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f515bd4d2fa7eada2c0421b2f0f6adeec85b051bb3b3a1fcf4728d61533c413

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 22:26:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5
etag: W/"5dbcb12e-3ed6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SU1MKUocrp89rsUamTfgc3Nakw0npakEq0VbbQuaZW4IrSHhach19IvQ0BTUiIUtx%2BOdvBS2xJdY4%2Fmvgrbgdyd5HVQvSN7UdcW%2FW3SOOX1kaf%2FLZsc46HYR2TFURGe%2FjvksTpE2Iz4"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 763630129845bbb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Group-6479.svg
www.iconsavingsplan.com/wp-content/uploads/2017/06/ 14 KB
7 KB 129ms
118ms Image
image/svg+xml 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/uploads/2017/06/Group-6479.svg
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 733cb2c43f84352561edc5d0323dd677f11e18a95d6f1421e929c8a7f73ad6e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Jun 2022 21:30:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5
etag: W/"6297da59-399d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPRIUK%2FfYAWYdYudL2omX2HwG029TysMhRgtZ%2BB8GHD94ubJ4ujl5woZKYn2BLgy0Xu5cYn%2Fru0MXZW9pguu5JJLgKV2qO7FSI4HBb1vUoNNIZQizrBPyRTDX8c9N617mrWDka7FG6QA"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 763630129848bbb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Group-2.svg
www.iconsavingsplan.com/wp-content/uploads/2017/06/ 5 KB
3 KB 130ms
119ms Image
image/svg+xml 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/uploads/2017/06/Group-2.svg
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9feb24d92d2066e82e6e70bfa61bf5c33674d61cc1ab906231ac75cc821d395f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Jun 2022 21:30:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5
etag: W/"6297da69-143a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ky5Tk2f7gII89IOLqR6O51kjCj2xEgZ%2F56w%2BUnlvPSg5hKd3ZqGElA8t1naAFLNksenc6KNdQK7u0iclEfAr1JRB3ggbBtUvKuIE51KI68DSIKfXQmW%2F6pM%2F9qYqrojLVX3g6TNl9sLK"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76363012984dbbb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Group-6383.png
www.iconsavingsplan.com/wp-content/uploads/2022/06/ 676 B
1 KB 132ms
121ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/uploads/2022/06/Group-6383.png
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b682518f6afee8440776fd82fd707976e9522adbd4008706e7a21f3529ee928

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
cf-polished: origFmt=png, origSize=985
content-disposition: inline; filename="Group-6383.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 676
cf-bgj: imgq:100,h2pri
last-modified: Wed, 01 Jun 2022 21:33:08 GMT
server: cloudflare
etag: "6297db14-3d9"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDpL1B%2F%2BDP4ZCSsHmWZUcpttF8U2miros3pUu7L%2BeSsqMKdKeA6w2UsTl%2B1NYiwResOcDGAOMmZ2UDZYozMuIDnnOy6CXrycNUbwcxJZsUt%2FbY9eqBkpPTZYiihWiJWzk4gpdYFQCFAn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 76363012984fbbb5-FRA

GET
H3 200 Group-6564.svg
www.iconsavingsplan.com/wp-content/uploads/2021/08/ 1 KB
912 B 132ms
122ms Image
image/svg+xml 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/uploads/2021/08/Group-6564.svg
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccf065a801b57cc64889b234c315766e52a226d3f478040759d67e0047b52346

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 17:31:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5
etag: W/"61292181-4c5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEfMRecmG9kdQuw7Os9ZOuyMEijoCeO2G5Yn1OsQcHVR9zuESKFQ17dsTN0r6Lmr%2B0WlMRXCBVyoJfYcETtV5i756LVyh5pOQON2b2HM7JeTKdBSmZni7kGvf2JjasVLo4udBZunwc8q"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 763630129851bbb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Group-1.svg
www.iconsavingsplan.com/wp-content/uploads/2022/06/ 4 KB
2 KB 133ms
122ms Image
image/svg+xml 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/uploads/2022/06/Group-1.svg
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 149e4eaa0b8a884c843c16cbeb0fca6c74367663c7cb2d092c8b07e3e703aa21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Jun 2022 21:34:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5
etag: W/"6297db71-f53"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAmuKQ2GYG36Jm%2FRhOhyYA2oJIptIyGjyA53fPaiyZUmLx4bBMfEEg2GwRhcLkOWx7LAe7SJ1RX%2Bg2x157IWFfex978CjeySB%2F2UuASr%2Fy01nHxC8FsTiqXGtkz%2FjTqFePpi5LGz2Vn%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 763630129855bbb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Group-6495.png
www.iconsavingsplan.com/wp-content/uploads/2022/10/ 135 KB
136 KB 133ms
123ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/uploads/2022/10/Group-6495.png
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ed392b02405865f6e6ef48e0934d8a68194706626831b4cf948fa0b22a6a813

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
cf-polished: origFmt=png, origSize=234757
content-disposition: inline; filename="Group-6495.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 138224
cf-bgj: imgq:100,h2pri
last-modified: Mon, 17 Oct 2022 17:08:09 GMT
server: cloudflare
etag: "634d8bf9-39505"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XL%2B%2BhgZOQda%2FEsYwRqBxB%2F%2BjZQ%2BCI8ArGgRXakM8pTe3Y24tk%2FNC1iJevmABxzz1Q94XkmbFK%2FSTufhoxCIq6NSOK%2BPX54jQjC0%2B805QTKx1Y3tNFkZblTlGd7bOQCdLigXNSALsS39V"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 763630129857bbb5-FRA

GET
H3 200 conversion-video.png
www.iconsavingsplan.com/wp-content/themes/narpp/build/img/ 97 KB
97 KB 214ms
204ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/img/conversion-video.png
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 763e2f8517f3d0b2e8f72caaa4525917d5baa493b95081246b679f7ad23ebe7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
cf-polished: origFmt=png, origSize=171410
content-disposition: inline; filename="conversion-video.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 98858
cf-bgj: imgq:100,h2pri
last-modified: Mon, 16 Aug 2021 18:45:12 GMT
server: cloudflare
etag: "611ab238-29d92"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OXt8JAfvqyRuNgRd4kiWqzK3Fc574raSI6T%2B3lSTjDwpjG0WFORzhnc%2FvnGsMVfQPhChMvEGHbR88TxAB6lvl0jwPPkjFrZoeq%2FqZ1MPJkWdAZlFlMk1ouROlMqLsynAlo8MKW56DTE"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 76363012985cbbb5-FRA

GET
H3 200 pexels-garon-piceli-593777-1_optimized.jpg
www.iconsavingsplan.com/wp-content/uploads/2021/12/ 254 KB
255 KB 313ms
303ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/uploads/2021/12/pexels-garon-piceli-593777-1_optimized.jpg
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7097d219fb90c429697bd616c3d5af7f37ef16d3717577ddc6dc01bf1291cbe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
cf-polished: origSize=283818, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 260231
cf-bgj: imgq:100,h2pri
last-modified: Fri, 17 Dec 2021 00:19:25 GMT
server: cloudflare
etag: "61bbd78d-454aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bs9fpcVT8SQTsNvIxg5FxMaU00eedV9Lo7hgPcdZ5PFBVqToYEaBLyLhrn64DWdxBbidFjb%2BLMkzg7LY4BrikXgvJrGJhm3f8v0MD5UDFUg0Ub42chN0%2BdxUh2EcGVP7KKVcwTlrcifN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 76363012985fbbb5-FRA

GET
H3 200 roberto-valdivia-HrRm_V-V0sM-unsplash-scaled.jpg
www.iconsavingsplan.com/wp-content/uploads/2022/03/ 293 KB
294 KB 55ms
45ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/uploads/2022/03/roberto-valdivia-HrRm_V-V0sM-unsplash-scaled.jpg
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe0b19b8393eceda8579f39b1a9134153ea7f9b89174988e5e17eba0ca1d0a7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
cf-polished: origSize=310059, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 300298
cf-bgj: imgq:100,h2pri
last-modified: Mon, 07 Mar 2022 21:34:23 GMT
server: cloudflare
etag: "62267a5f-4bb2b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6oFfEpXCXy8QM%2FCBCTQtbbLd%2FdUnlVHEBObc2Qq5Q2gnNi3Wku6B%2BO6q51U6yEJwv607egtNkubwXVEbcmEgdfHiySaF6mOEqyaQ4IPrVkmGCLWEOoEzGmBUyntJ0SKmG6l2btPRTNE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 763630129864bbb5-FRA

GET
H3 200 pexels-lukas-rodriguez-3559235-1_optimized.jpg
www.iconsavingsplan.com/wp-content/uploads/2021/12/ 259 KB
260 KB 205ms
195ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/uploads/2021/12/pexels-lukas-rodriguez-3559235-1_optimized.jpg
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3625a55a2ac1d3a0b490fc6d4d861747af01d493e431785d4340447993409265

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6
cf-polished: origSize=276271, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 265670
cf-bgj: imgq:100,h2pri
last-modified: Fri, 17 Dec 2021 00:23:46 GMT
server: cloudflare
etag: "61bbd892-4372f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lL2IfrEGH8xYBRX7BplRg%2BtvgHlI%2FjqW6i%2BtSXaYA7GrQX9PkSPvYo%2BCBZoqIpH9h%2B%2FTTywGo4unn42QrvFAOJiLMR4WdZ9bK3DOva8QGVmyKJiDmEMoXxEsy1V466tieJQe4J2DAL3t"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 763630129869bbb5-FRA

GET
H3 200 pexels-roberto-nickson-2816168-1.jpg
www.iconsavingsplan.com/wp-content/uploads/2021/12/ 598 KB
599 KB 323ms
313ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/uploads/2021/12/pexels-roberto-nickson-2816168-1.jpg
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dd97b1a04ebae0c0544f162bcd1b9a3acafaaf1597173e1df7e996beb0c49cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
cf-polished: origFmt=jpeg, origSize=2126732
content-disposition: inline; filename="pexels-roberto-nickson-2816168-1.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 612336
cf-bgj: imgq:100,h2pri
last-modified: Fri, 17 Dec 2021 00:09:36 GMT
server: cloudflare
etag: "61bbd540-20738c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FvNsTLC656mmVf7YuTDERUMjOzdwmGutSb6PmKaxd2Lil7QK%2F7UTnCjY9Z5SnnPd38ZEtqmPcj4O3l0le%2BZb0Tj68BCRx2M7m8%2FafhvfyaLrFxsHkKJ0vijD0ehiZNla7QDaNHx1oli"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 76363012986fbbb5-FRA

GET
H3 200 pexels-rakim-davis-539763-1.jpg
www.iconsavingsplan.com/wp-content/uploads/2021/12/ 1 MB
1 MB 380ms
370ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/uploads/2021/12/pexels-rakim-davis-539763-1.jpg
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfbca8016bd15d932ee99cc5046a10340a03c4b4cace0f99271625eb7106024d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
cf-polished: origFmt=jpeg, origSize=2984109
content-disposition: inline; filename="pexels-rakim-davis-539763-1.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1077908
cf-bgj: imgq:100,h2pri
last-modified: Fri, 17 Dec 2021 00:03:41 GMT
server: cloudflare
etag: "61bbd3dd-2d88ad"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNbc9s8ZwpJJE%2FfbBNH%2BSuYMNEPpF8%2FU4b3pb208bmCpJaAcQwbjE7a7wx8H6lt9e9dshSMZzWXptIR7GyZYz4CXWO%2FlGslU9AqP4g%2B59YvUjMw3ICGvTNu8UD1DAXSyp%2FGfARz%2FXZ96"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 763630129874bbb5-FRA

GET
H3 200 wp-emoji-release.min.js Show response
www.iconsavingsplan.com/wp-includes/js/ 18 KB
5 KB 446ms
437ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iconsavingsplan.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 92726
etag: W/"62551487-48b9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2J%2Fa27ReRHZhbc%2BYEdpUNXg3cPWEqZ8Fy%2BhNz1hkSfv3UC4ni5WD5%2FAdQnSvS%2BuRc0X1cX%2FNm2VGDaNNXQZ%2FN%2FGQNSnpgYqozXgJUvQKEuBreDi7GC90d8Vm1i1bgcRnOWqvfqDJDFxE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 763630129878bbb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 form-img.png
www.iconsavingsplan.com/wp-content/themes/narpp/build/img/case-study/ 67 KB
68 KB 448ms
439ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/img/case-study/form-img.png
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b74ad1c55e5740197777f651f58af7ead7718317da15f1fa04b31572df13b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
cf-polished: origFmt=png, origSize=119163
content-disposition: inline; filename="form-img.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68752
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 Dec 2021 23:58:37 GMT
server: cloudflare
etag: "61bbd2ad-1d17b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyT%2FjlhibLFOm3jPcP24CmWyyWZVOOEF2c%2F3g3rfgPYI8Lz8t4rqcZgsrSPeUe5tTCoGuUnFm1GBs9wdX5x6P6B51UwbJaEwEOwV8VbhFfceWj9yaPXovXWSu70MpL86tyYJpjdbYEGm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 763630129882bbb5-FRA

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 586 KB
148 KB 367ms
166ms Script
application/javascript 2606:4700::6811:ba49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e1f263a74f81f70d098643437471ce7ec92cf3ba3f5f2a7d0e0699005e22537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
x-amz-version-id: ewyyhtTJWgd2dW0GsLpY7sH1RcV9.GZv
via: 1.1 94defde799a43ca420136e37bc3758dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD55-P4
age: 542
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 01 Nov 2022 01:20:09 UTC
server: cloudflare
etag: W/"cfbb34618d5163364b294b6b8baf3ca3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnOOY6m64cQCcaK7FrJWmTP587uYSj1QqdDpOxOcTHLjZZVzvtz3MGWIt7Ez6YUSA3W%2BxtfwZqAzZVYIkZbXWLtB4TcUxc9eYaN2NpxRTds0SJEujaziOt8H%2Br%2BO%2B6m6wRwQbCf1NxowwOrP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 7636301349945be5-FRA
x-amz-cf-id: fZx2dJgSSiuekplK0YSdDtpdy5i1c1G_pxJ9Ruh01h99AlPJcsqImA==
x-hs-target-asset: FormsNext/static-5.548/bundles/project_with_deps.js

GET
H3 200 floating-phone-comp2.png
www.iconsavingsplan.com/wp-content/uploads/2017/06/ 120 KB
121 KB 466ms
456ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/uploads/2017/06/floating-phone-comp2.png
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24291f97c9169f3a1f987238dd0d2a74a62bf0d8a06ea2aaf7e037d867c22900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6
cf-polished: origFmt=png, origSize=125524
content-disposition: inline; filename="floating-phone-comp2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 123364
cf-bgj: imgq:100,h2pri
last-modified: Tue, 02 Mar 2021 00:25:07 GMT
server: cloudflare
etag: "603d85e3-1ea54"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tV11zJYOvIuq3HbTBsMUFqb79bKPXk%2FU%2Fc3LJaei43KVY2A8SVKrXHRA6KXG%2FM8440bWiaaNECp9h8kstsf%2FLnvagwCY0CU5Qa6E1uM3S1QoaImv60FgjhLo3IeTh8xQcGqJBHij%2F5bC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 763630129883bbb5-FRA

GET
H3 200 wht-icon-logo.svg
www.iconsavingsplan.com/wp-content/themes/narpp/build/inc/vectors/ 3 KB
2 KB 456ms
447ms Image
image/svg+xml 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/inc/vectors/wht-icon-logo.svg
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a0bb332fd893026a6041d8e01aa612bca1c1f3e5cbab4407e7e302bcbcdb1ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Jun 2022 21:13:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5
etag: W/"6297d665-ad9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCFrw0Evz3AyeQMtJUgC%2B3yu24GleCtmHbQ5paTe7%2B2OWBiYVxb1Cg%2B21RMv2k1KCm0ugaaqEAXO%2FltgMqC64HJmRcjZhOlCyUtlvFBkOqHoMqxNg17PHDcjVoFBIh8ulkXhVXM2nGFL"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 763630129887bbb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 core.min.js Show response
www.iconsavingsplan.com/wp-content/themes/narpp/build/js/ 259 KB
78 KB 41ms
41ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/js/core.min.js?ver=1663285277
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f49cec5f7430acc66843b7744e9026abf385700090d7e857d22151284a939e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Sep 2022 23:41:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4108
etag: W/"6323b81d-40ae2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDAWtTRwLU1ZalrGbhkNPZS9gIskwrQTqIsRYNxfw3Mpw1Q3H1D7Q9Ry9rXEt%2BXt1J0i9E4lgrzxzPIcHazzqN7F4TXuJL2%2Fc0nlw2n0LPz1K9WPQ7KQEk0hUvoZ976nqfnPspimHWPw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 763630122eebbbb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sassy-social-share-public.js Show response
www.iconsavingsplan.com/wp-content/plugins/sassy-social-share/public/js/ 117 KB
39 KB 46ms
35ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iconsavingsplan.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.43
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79066a1d9ef05bd56eed607049321dfdd5ba5587541268b06616dbd09b1f1549

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Sep 2022 17:24:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 99773
etag: W/"63235fc1-1d595"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmoeM8Gm1yDjE%2FQGtyxZyc5EABa57Y30P1y0gVXoS93ytvZz%2BMaHrXgE4rMo4%2BZE7mauonO8sPt4TsWFt7OQLVYuOyEWR7MyMs5cs6ByBK4cO%2BVWDyQM%2FbhYQE1gYaI1Cg5Ae%2FfHZJ1s"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76363012982fbbb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 46ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Mono:400,500,700

Requested by

Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/style.css?ver=1666297077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07d23a6c8d44a57e3ad946d8196f1fffa8fac3cc2e1b98b580136ff86baa7983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 16:50:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Nov 2022 17:00:38 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 239 KB
84 KB 67ms
28ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-56PR74V

Requested by

Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c5a18f4c7d4ba95021ff79328daefa1305c610b014d7dfcf58e537a2d010490e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85062
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 16:06:49 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Nov 2022 17:00:38 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/FO6ZKK6AC5ETJFOQ36SFLJ/ 67 KB
20 KB 99ms
26ms Script
text/javascript 2600:9000:2260:6e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/FO6ZKK6AC5ETJFOQ36SFLJ/roundtrip.js
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2260:6e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db4463178576d56b3837dc552711d3786527e411d2396676b63f89cb119c0b6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

X-Amz-Version-Id: qQuM7sBLY3XTZiQ_Bj4835HuBJvKSSiY
Content-Encoding: gzip
Via: 1.1 c25b1f7aa410c3a4dd235dd71a0d38e8.cloudfront.net (CloudFront)
Date: Tue, 01 Nov 2022 17:00:33 GMT
Age: 6
X-Amz-Cf-Pop: TXL50-P3
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 01 Nov 2022 04:01:45 GMT
Server: AmazonS3
Etag: W/"b3060f7b7afa4036b3e154a6c2d6b01d"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Qf8pjpy-k7KLbS96p0wFZSwwB9kZU5HCQJPb6cChpBDVilsTrIquMg==

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 69ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 01 Nov 2022 17:00:37 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DE03660A38954194AE2E906D5154C200 Ref B: FRA31EDGE0610 Ref C: 2022-11-01T17:00:38Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11367

GET
H3 206 Icon_Demo_Employers_V4.mp4
www.iconsavingsplan.com/wp-content/themes/narpp/build/video/ 915 KB
0 450ms
447ms Media
video/mp4 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/video/Icon_Demo_Employers_V4.mp4
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.iconsavingsplan.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
Content-Range: bytes 0-28079923/28079924
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 28079924
last-modified: Mon, 16 Aug 2021 17:39:40 GMT
server: cloudflare
etag: "611aa2dc-1ac7734"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdIQw3fDab9mJDpSQ%2B9Ijp8ES9NolxxO67bGLQdOmeGU06J828COBa0EcWFA%2Bla5fksJtjLxG1hz5TUsXdnbU2x4Tb5R48e%2FcNpzTWaf64EYRk3%2FZkx4hu0yT2v0FU2LQAHvl6Ly8r3A"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 763630129889bbb5-FRA

GET
H3 200 Graphik-Semibold.woff
www.iconsavingsplan.com/wp-content/themes/narpp/build/fonts/ 49 KB
50 KB 637ms
637ms Font
font/woff 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/fonts/Graphik-Semibold.woff
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/style.css?ver=1666297077
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0c72bf041eb8334c224887e09f2b55092d9258799272aa6a95be9972599b22a

Request headers

Referer: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/style.css?ver=1666297077
Origin: https://www.iconsavingsplan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50264
last-modified: Sat, 30 May 2020 01:09:30 GMT
server: cloudflare
etag: "5ed1b24a-c458"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vibCnJ55RVdXzU3VuBiWr2iSJzTfVsKAqGJQtJYoteE4A8HOB6%2Fdb2fnEbdfEzpFI3eQZxllUbejYnEvLKPWB6OvDo5ZKj7Km8ffP6wfnXLMpKJp%2BZTvYn7zOzjNQtOuHg%2BikUeLb6AO"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 76363012988dbbb5-FRA

GET
H3 200 Graphik-Medium.woff
www.iconsavingsplan.com/wp-content/themes/narpp/build/fonts/ 49 KB
50 KB 638ms
638ms Font
font/woff 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/fonts/Graphik-Medium.woff
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/style.css?ver=1666297077
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: af202dc9181a2a6e15859a28d76bf851f95f8fdcb6bf510d9515308294ff8f94

Request headers

Referer: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/style.css?ver=1666297077
Origin: https://www.iconsavingsplan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50332
last-modified: Sat, 30 May 2020 01:09:30 GMT
server: cloudflare
etag: "5ed1b24a-c49c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDHWjmqcSvJ8G0CKOomMrbuzy04LG6L4%2FIUK8CecBKRc8jvIOjqUsR7ydbq88ZB7x6XFIuRt1w7LLTLFEf6h1hEq90fhY%2BJv%2Bu3SAl6MJBRrEaibHEdKuanrLfP19vgYqq7SV30KNQ0G"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 76363012988fbbb5-FRA

GET
H3 200 Graphik-Light.woff
www.iconsavingsplan.com/wp-content/themes/narpp/build/fonts/ 48 KB
49 KB 642ms
642ms Font
font/woff 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/fonts/Graphik-Light.woff
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/style.css?ver=1666297077
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2c2cd6dbdb9538c9146ac278fd1c2ce6904f05e7cf862821aa43488bca96a11

Request headers

Referer: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/style.css?ver=1666297077
Origin: https://www.iconsavingsplan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49448
last-modified: Sat, 30 May 2020 01:09:30 GMT
server: cloudflare
etag: "5ed1b24a-c128"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95t%2B%2BRWieiXwvnQlh6bGSrSfZOseaQKgcVCB%2BZEbXZS0zCQ0uWxWDhJtGOPqiuwZ%2BHRDj3Txh9%2FlhYGsuIq6wBMsF2tQTZAMv4L%2BDrlhO6t4QIoXKaB2L%2Bu1xpq8twmW2iST61szLCQA"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 76363012989bbbb5-FRA

GET
H2 204 %20148001840.js Show response
bat.bing.com/p/action/ 0
118 B 168ms
167ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/%20148001840.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 01 Nov 2022 17:00:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 33D107953AFB4D4480F79451C269C3AE Ref B: FRA31EDGE0610 Ref C: 2022-11-01T17:00:38Z
x-cache: CONFIG_NOCACHE

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
76 KB 98ms
37ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GM14VC4L89&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56PR74V

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e3ae19470b9ff2afe251d14791fc5af25ae768b32f27c9e6b9e0595f984534c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 01 Nov 2022 17:00:38 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 997 B
690 B 88ms
17ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56PR74V
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3f01cb4e8bb564dfe1d558ba77bf9cda1712b8378f4c25223c44967ae8d5ea04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 647
date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: gzip
last-modified: Wed, 26 Oct 2022 22:31:50 GMT
x-cdn: AKAM
x-edgeconnect-midmile-rtt: 0
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=58870
accept-ranges: bytes
content-length: 471

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 117ms
68ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56PR74V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 01 Nov 2022 17:00:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Xq94vkKPq+g3s/pSwVQgCCoZ2MrDwAjDxwHpMLbNKwjEwelcJolVCrJC3jjQ76Cm1w6KsDeSkEmjwwr6aWO9Bw==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 82ms
18ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56PR74V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 01 Nov 2022 15:01:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 7120
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 01 Nov 2022 17:01:58 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/FO6ZKK6AC5ETJFOQ36SFLJ/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

27ms
26ms

Script
application/javascript

2600:9000:2260:6e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: HTTP/1.1
Server: 2600:9000:2260:6e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

X-Amz-Version-Id: 3TnMO1iw0qw17MhnYw4sprJhuU7ahGp7
Date: Tue, 01 Nov 2022 06:33:58 GMT
Via: 1.1 c25b1f7aa410c3a4dd235dd71a0d38e8.cloudfront.net (CloudFront)
Age: 38093
X-Amz-Cf-Pop: TXL50-P3
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Fri, 14 Oct 2022 18:57:24 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: o2OBRIFeS_o1U3Vfjjxi863SCAHbPIHhAqhIxlW6fbs6IekMI0GxzA==

Redirect headers

Date: Tue, 01 Nov 2022 17:00:32 GMT
Via: 1.1 c25b1f7aa410c3a4dd235dd71a0d38e8.cloudfront.net (CloudFront)
Age: 5
X-Amz-Cf-Pop: TXL50-P3
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: s5d2od1eIj2xyuKKnn33l7Ik334JsKARltoVO-OyR1S7WgVcsCRlcA==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 504ms
44ms Script
application/javascript 2606:4700::6811:70b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7365448.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:70b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f553c20a33d25dc12d94a7fa7a0999446235612f20decd643daf0b4c7e381492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
x-amz-version-id: DLUYzpWToXViCCMAk42gu6ZXj0CV1cO1
via: 1.1 0af050b863ec46156a524df4e5d86692.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD55-P4
age: 507
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.301/bundles/pixels-release.js&cfRay=763623b0eb729bb2-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Mon, 31 Oct 2022 12:04:15 UTC
server: cloudflare
etag: W/"6c8c013098279271f03db17ec4dd49a5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 76363016fdad912a-FRA
x-amz-cf-id: l1WJWczYP68kJulVns527HhAM13dcISrjwDroOC-jcvQwTVnzy4KlA==
x-hs-target-asset: adsscriptloaderstatic/static-1.301/bundles/pixels-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 65 KB
23 KB 497ms
29ms Script
application/javascript 2606:4700::6811:81ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7365448.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb

Request headers

Referer: https://www.iconsavingsplan.com/
Origin: https://www.iconsavingsplan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
via: 1.1 66b6cd04ec22251498906e833eb08668.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 24007
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=7633e5f6cd0568e5-IAD
x-cache: RefreshHit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
server: cloudflare
etag: W/"7a468b833be86c01bc8dfd455308f792"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 76363016e9a7697b-FRA
x-amz-cf-id: 4Ml9JWbnn-x2fQevOPunqsduTFm0FGpT9xyy2x-tMP3m99iw_ochxQ==
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js

GET
H2 200 7365448.js Show response
js.hs-analytics.net/analytics/1667322000000/ 63 KB
20 KB 616ms
157ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1667322000000/7365448.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7365448.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c50d7d62f3484f093b5105320fdce4d7f6cec0dab081b15808d0344d68ed4f4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:39 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 9R2V8VP84QZKPRFZ
x-amz-server-side-encryption: AES256
x-amz-id-2: AfbOApTKJ68GS2Dq8bpWWX31bKIMfGJ9yUXcL30Fb0r7kzFCst4W83yK5MBNjM+lXPZ+vLhOaR0=
last-modified: Thu, 06 Oct 2022 19:10:14 GMT
server: cloudflare
etag: W/"8b862c5fcf33c6ed000ac8d10ab78467"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 76363016e9b99bf4-FRA
expires: Tue, 01 Nov 2022 17:05:38 GMT

GET
H2 200 7365448.js Show response
js.hs-banner.com/ 60 KB
16 KB 754ms
296ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/7365448.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7365448.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8730b0a6a9bfbc1dc8679af817f40bf7a74bc6c65f658cea71c6988353004232

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:39 GMT
x-amz-version-id: o77drvrOCtOvbOyg6aDi7onW6ohQujLj
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 9R2SSEY2T5WHDDKB
x-amz-server-side-encryption: AES256
x-amz-id-2: vauUkQtKOYFM/06YSb9JS0q68hN+ixbf3zj+BuvK9gB4lkcJ5qdNyxC9tjXIO1IXsSTiFDYrSwU=
last-modified: Tue, 25 Oct 2022 21:11:55 GMT
server: cloudflare
etag: W/"2a52caf3d147d6a43b3996634122a7fb"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.iconsavingsplan.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 76363016fd34bb89-FRA
expires: Tue, 01 Nov 2022 17:05:38 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 29ms
25ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
content-encoding: gzip
last-modified: Mon, 24 Oct 2022 21:02:26 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=32004
accept-ranges: bytes
content-length: 3063

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3797457&time=1667322038576&url=https%3A%2F%2Fwww.iconsavingsplan.com%2F&tm=gtmv2
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3797457%26time%3D1667322038576%26url%3Dhttps%253A%252F%252Fwww.iconsavingsplan.co...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3797457&time=1667322038576&url=https%3A%2F%2Fwww.iconsavingsplan.com%2F&tm=gtmv2&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3797457&time=1667322038576&url=https%3A%2F%2Fwww.iconsavingsplan.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQLfBI3MHwohMwAAAYQ0I0t4jzrcX0vNVeMihh3HVEeue...

0
266 B

159ms
116ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3797457&time=1667322038576&url=https%3A%2F%2Fwww.iconsavingsplan.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQLfBI3MHwohMwAAAYQ0I0t4jzrcX0vNVeMihh3HVEeue1Pxntou_KsUqdssaLvFUQ
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5EFE002C96404B29A0FCD4F201DA5A9E Ref B: DUS30EDGE0806 Ref C: 2022-11-01T17:00:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXsa6nhBllqOII9O+muxQ==

Redirect headers

date: Tue, 01 Nov 2022 17:00:38 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D11003C97E614366ADAC1005223502CE Ref B: DUS30EDGE0915 Ref C: 2022-11-01T17:00:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3797457&time=1667322038576&url=https%3A%2F%2Fwww.iconsavingsplan.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQLfBI3MHwohMwAAAYQ0I0t4jzrcX0vNVeMihh3HVEeue1Pxntou_KsUqdssaLvFUQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXsa6nen5Hnjl9OIJYoKw==

GET
H2 200 FO6ZKK6AC5ETJFOQ36SFLJ Show response
d.adroll.com/consent/check/ 449 B
542 B 308ms
32ms Script
application/javascript 34.245.242.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/FO6ZKK6AC5ETJFOQ36SFLJ?arrfrr=https%3A%2F%2Fwww.iconsavingsplan.com%2F&_s=15585fc65a63fd068adef657150fe925&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/FO6ZKK6AC5ETJFOQ36SFLJ/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.245.242.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-245-242-222.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 936c317c767e796877245d0bdd1fb67b9c34e2ffb79c741ae7569f753ac4280d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
server: nginx/1.20.0
content-length: 449
content-type: application/javascript

POST
H2 204 collect
region1.google-analytics.com/g/ 0
353 B 233ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GM14VC4L89&gtm=2oeaq0&_p=1625793810&cid=1711035790.1667322039&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667322038&sct=1&seg=0&dl=https%3A%2F%2Fwww.iconsavingsplan.com%2F&dt=Retirement%20Savings%20Plans%20for%20the%20Modern%20Workforce%20%7C%20Icon%20Savings%20Plan&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GM14VC4L89&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 17:00:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.iconsavingsplan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 36ms
15ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1625793810&t=pageview&_s=1&dl=https%3A%2F%2Fwww.iconsavingsplan.com%2F&ul=en-us&de=UTF-8&dt=Retirement%20Savings%20Plans%20for%20the%20Modern%20Workforce%20%7C%20Icon%20Savings%20Plan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=94220934&gjid=464545651&cid=1711035790.1667322039&tid=UA-118766343-1&_gid=762240095.1667322039&_r=1&gtm=2wgaq056PR74V&z=1279728922

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.iconsavingsplan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 17:00:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.iconsavingsplan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/7365448/2589f605-a869-4c7d-8dd1-aa3689a3cb4d/ 2 KB
2 KB 239ms
204ms XHR
application/json 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/7365448/2589f605-a869-4c7d-8dd1-aa3689a3cb4d/json?hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bc96d4f4c2702fc7275c5667d19f8abcc3dcb995768c224844ab284010c1628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript
Referer: https://www.iconsavingsplan.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-origin-hublet: na1
date: Tue, 01 Nov 2022 17:00:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 036b4aad-cd3d-4fca-ba9e-ae04bfe70bbe
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B15C448D234CCF4FE4FD4DE49E2A4BF99446E9E0D000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.iconsavingsplan.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 763630190ba8bbfb-FRA

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 28ms
15ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.89

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 01 Nov 2022 17:00:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20715
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: QD1yyCgSoG/rrR7aszUdOtafZehMHcZnqmtU0HIKiiog5Z+6+OIrQ0TI+oM2KANeeFIIQIxqtcX8+XOLn+PM4Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1291298468039117 Show response
connect.facebook.net/signals/config/ 296 KB
85 KB 85ms
73ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1291298468039117?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7afc10e951e9bb01559196f3009af8267984d8a5e99872f8da7716f323f826e3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 01 Nov 2022 17:00:38 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: J9RTYirAHFPgpIjnJpxtdftGj0tINJVckoSLE1SErCtTbGqfJlvVf4EJpvGzeuwPRQRnDcTScYC3EKpZGPgxAQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ajax-loader.gif
www.iconsavingsplan.com/wp-content/themes/narpp/build/ 3 KB
3 KB 97ms
95ms Image
image/gif 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/ajax-loader.gif
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/style.css?ver=1666297077
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 568d7b83659993469a2d729ad98daba3a7de2568f74d670d18ae618f118fe353

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/style.css?ver=1666297077
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
cf-polished: origSize=4178, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2592
cf-bgj: imgq:100,h2pri
last-modified: Tue, 16 Jun 2020 18:09:22 GMT
server: cloudflare
etag: "5ee90ad2-1052"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cNMXtu1pE2kEznE5WHV9WwveXxqDEuDJe6mqGmRSEZHkbM9iadi9R7UIpeQFme%2F29n8XAuglJxc%2BuBt2OU3wTrddafzeuuBhcD9cyerq6CxKJU%2FJ%2F4VGTeIXRcpgmHx1VvTY%2Fn3JnmH"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 763630161a01bbb5-FRA

GET
H3 200 slick.woff
www.iconsavingsplan.com/wp-content/themes/narpp/build/fonts/ 1 KB
2 KB 85ms
83ms Font
font/woff 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/fonts/slick.woff
Requested by: Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/style.css?ver=1666297077
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Request headers

Referer: https://www.iconsavingsplan.com/wp-content/themes/narpp/build/style.css?ver=1666297077
Origin: https://www.iconsavingsplan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1380
last-modified: Tue, 16 Jun 2020 18:09:45 GMT
server: cloudflare
etag: "5ee90ae9-564"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvAZZfJLW4nDyd%2Fc88%2Fcmh6lZwSQ9evoGY3rIakZn5Zob%2F%2BD4ErSQw6bHB7PDXpDFxwRQgdplLYNW4RbTeThI%2BfYRm0UaI3OHGtzbdNv42IFJbFBr27F4fBmuK9zrnWK6RBvg6La5fzc"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 763630162a44bbb5-FRA

GET
H2 204 0
bat.bing.com/action/ 0
175 B 34ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=%20148001840&Ver=2&mid=7ac8af46-cf83-4df0-8779-982994280121&sid=b5fa51c05a0611edb12aef1db3f479dc&vid=b5fa6e705a0611ed9dc1cbf4a12e6c9a&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Retirement%20Savings%20Plans%20for%20the%20Modern%20Workforce%20%7C%20Icon%20Savings%20Plan&p=https%3A%2F%2Fwww.iconsavingsplan.com%2F&r=&lt=1920&evt=pageLoad&sv=1&rn=861174

Requested by

Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Nov 2022 17:00:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F020A36D3CA6412E80AD09F197AD1AC7 Ref B: FRA31EDGE0610 Ref C: 2022-11-01T17:00:38Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
forms.hsforms.com/embed/v3/form/7365448/2589f605-a869-4c7d-8dd1-aa3689a3cb4d/ Frame 0
0 502ms
318ms Preflight
text/plain 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/7365448/2589f605-a869-4c7d-8dd1-aa3689a3cb4d/json?hutk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.iconsavingsplan.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: x-requested-with
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://www.iconsavingsplan.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 76363016f80d5c14-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Tue, 01 Nov 2022 17:00:39 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin
x-hubspot-correlation-id: 224d6676-42e1-4dee-89d5-03026723fd53
x-robots-tag: none
x-trace: 2B7A4E3062A209DB71FADE10B509728F99C61BB0BB000000000000000000

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
448 B 72ms
23ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-118766343-1&cid=1711035790.1667322039&jid=94220934&gjid=464545651&_gid=762240095.1667322039&_u=YADAAEAAAAAAACAAI~&z=632708983

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.iconsavingsplan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 01 Nov 2022 17:00:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.iconsavingsplan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 30ms
8ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1291298468039117&ev=PageView&dl=https%3A%2F%2Fwww.iconsavingsplan.com%2F&rl=&if=false&ts=1667322038888&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1667322038887.1464703389&it=1667322038690&coo=false&tm=1&rqm=GET

Requested by

Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 01 Nov 2022 17:00:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1 KB 190ms
167ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=7365448&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

863b464013652eedd5a095791dbb4a3d52d0a74b0ec8858a82f836c0426f75a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.iconsavingsplan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: fa32c738-b423-4ef7-82cc-4fc73aa5ba99
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.iconsavingsplan.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPdmPT8s3KpzNx%2FkjMVPRxz4U0KVTeJmFqMSJpAfbM%2Bq48VkZFEqQ824BBoeAkeyMsN8Ug7vHDlUeYlYC8PytYj%2FJwZML%2BKXhQ7de18DVr%2B447OJgyyCDCnh%2FsudGH51qmFGAzCmKSf%2B%2BRD6U3sU"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 763630178dd95c26-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 77ms
48ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-118766343-1&cid=1711035790.1667322039&jid=94220934&_u=YADAAEAAAAAAACAAI~&z=452315210

Requested by

Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 17:00:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 87ms
54ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-118766343-1&cid=1711035790.1667322039&jid=94220934&_u=YADAAEAAAAAAACAAI~&z=452315210

Requested by

Host: www.iconsavingsplan.com
URL: https://www.iconsavingsplan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 17:00:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 134 B
860 B 460ms
438ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=7365448

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63a7c08d420c5594a14aaa3ee184bafdf410ef7d59d59f769aee68f51e3f0ae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c27b51ea-2975-4c87-9b30-c93f862537fb
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B05BE8DAE2295C263B6557F237F727A7580FE51A2000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.iconsavingsplan.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MeVu0Xts23JP2wxLS0ltlwefhOS8sed0UbX0BRn2mX3WNby2xYJH5mBrWakqA6RPknB6EyCz0X5vqulJo2wYtxEkHCc1nD%2Fci71Z3HgRsYaEYw%2FuW6Ixsy0UPy9SwP9L8OLP64omJSlZ1ggj"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cf-ray: 76363018fdb092a7-FRA
access-control-allow-headers: *

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/jhrlzhsl
https://js.intercomcdn.com/shim.latest.js

18 KB
7 KB

55ms
8ms

Script
application/javascript

99.86.4.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/shim.latest.js

Protocol

Server

99.86.4.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-13.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c22511d6a268e93656154c9c570108fe6d43f5f2a5d81aabdae1768fc254c3a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 16:58:36 GMT
content-encoding: gzip
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-version-id: JNyTMRTP9zBF8EtQHAHHlRZUY9j7haz1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA6-C1
age: 124
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6170
last-modified: Tue, 01 Nov 2022 14:53:29 GMT
server: AmazonS3
etag: "90317ebb26173b39feb933a24d8fc53a"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, s-maxage=300, public
accept-ranges: bytes
x-amz-cf-id: t9RCQmQYs9TqPw77lVtxHcZeVnG5ihlrmbDNEj3OoueICfGSTiTk8w==

Redirect headers

date: Sat, 28 May 2022 13:48:12 GMT
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 13576348
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
cache-control: max-age=86400
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: aIE3rj6LCwMTVWSJpe3x5vWInxd2kUJiX__xpGzEq6QBmID5hQd4oA==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
900 B 256ms
212ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3865676674&v=1.1&a=7365448&rcu=https%3A%2F%2Fwww.iconsavingsplan.com%2F&pu=https%3A%2F%2Fwww.iconsavingsplan.com%2F&t=Retirement+Savings+Plans+for+the+Modern+Workforce+%7C+Icon+Savings+Plan&cts=1667322039390&vi=193a93c9bcda283527f17907edaee7a6&nc=true&u=131400528.193a93c9bcda283527f17907edaee7a6.1667322039382.1667322039382.1667322039382.1&b=131400528.1.1667322039383&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 435cb9da-29cc-47da-a543-2063c4dbc1d1
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gx2%2Fm4XL2MZykLrzTrEGAJX6B%2FKKNvVXZzhKssoqIJULquuk8L0uZMRnBdFYsajHjjod%2Fs0e66rEI3xJe1v7x%2BykuPcRZmaRzM%2FRhUjb%2FzjFunuomVkpzZHWKF5vPWXAivtmtLqAq7s%2Ff6RLT627"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7636301a79189b58-FRA
x-robots-tag: none

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
393 B 235ms
212ms Image
image/gif 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 81a54447-b7d0-46a8-bef6-119d40a1d04c
x-trace: 2B09CC10519532C1EFCFB3539FABEA58A44AACF68F000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7636301a79da6921-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 / Show response
www.facebook.com/tr/ Frame EEBF 0
18 B 29ms
9ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.iconsavingsplan.com
Referer: https://www.iconsavingsplan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.iconsavingsplan.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 17:00:39 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 1008 B
636 B 55ms
16ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a64d5404a00eaaa268ed1d70b8f37beab67c68e8a8a0dceba7edba6bcdb75ade

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 615
x-xss-protection: 1; mode=block
expires: Tue, 01 Nov 2022 17:00:39 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
560 B 182ms
181ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=2589f605-a869-4c7d-8dd1-aa3689a3cb4d&fci=30aac75e-bba2-452c-b73d-7798cdd5471d&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3865676674&v=1.1&a=7365448&rcu=https%3A%2F%2Fwww.iconsavingsplan.com%2F&pu=https%3A%2F%2Fwww.iconsavingsplan.com%2F&t=Retirement+Savings+Plans+for+the+Modern+Workforce+%7C+Icon+Savings+Plan&cts=1667322039469&vi=193a93c9bcda283527f17907edaee7a6&nc=true&u=131400528.193a93c9bcda283527f17907edaee7a6.1667322039382.1667322039382.1667322039382.1&b=131400528.1.1667322039383&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 85df07a3-c207-4cc1-beaa-78b0d574bca9
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySBzE7KXJ%2BMw746HRDzi1RcTHdB5TitvLkPHfihBLMdjH3AyEdlFYuVcpC1PDuSeKyKal%2F%2BKYsh5UjlIadQzJYcFGnstVMzUIzzoO0Mo6%2BoK48TRVlj4BHLHd2%2Fzgo0JkNI3tXNzEdoxsHN2ntWI"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7636301ab9de9b58-FRA
x-robots-tag: none

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/ 400 KB
160 KB 52ms
11ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8850c59b00380af79a60472b2d9db31db1f9abe5bbb3b3771eabb12780653688

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.iconsavingsplan.com/
Origin: https://www.iconsavingsplan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 15:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163140
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 04:01:21 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 15:27:46 GMT

GET
H3 200 frame-modern.cecfaaa5.js Show response
js.intercomcdn.com/ Frame 32E0 445 KB
122 KB 27ms
11ms Script
application/javascript 99.86.4.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.cecfaaa5.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/jhrlzhsl

Protocol

Security

QUIC, , AES_128_GCM

Server

99.86.4.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-13.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

cbd8119b6914d83e85bf54910edffd8ec60a9835d5713caaf8b3f46f08663b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-version-id: fErUk8brVpY20C_46HsywLFzcopTW9Fg
date: Tue, 01 Nov 2022 16:53:35 GMT
x-amz-cf-pop: FRA6-C1
age: 424
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 124311
last-modified: Tue, 01 Nov 2022 14:52:10 GMT
server: AmazonS3
etag: "98a77bd459499fba441e0ce39cc2b75e"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: zmYtUql3xd_EYedDIfF-h3ZGZqaZPjr9BN2CMT8BusFQ8dJ0H386eg==

GET
H3 200 vendor-modern.87133c1b.js Show response
js.intercomcdn.com/ Frame 32E0 236 KB
73 KB 22ms
9ms Script
application/javascript 99.86.4.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.87133c1b.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/jhrlzhsl

Protocol

Security

QUIC, , AES_128_GCM

Server

99.86.4.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-13.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

041cccf58bcaf80e8c076b0c7088052549ae9e190f380ba3796965195a795b15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-version-id: D24zTTWpePuX3gYTpAQSw7pOjvpPiRsn
date: Tue, 01 Nov 2022 16:16:38 GMT
x-amz-cf-pop: FRA6-C1
age: 2642
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 74252
last-modified: Fri, 28 Oct 2022 15:41:55 GMT
server: AmazonS3
etag: "a44d82f78503b9d459c2aa1991b525a9"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: BTIdFG_ORQa2mvujH7fTg1wmESH2HG0rOwPkzJwP3LInIXmTVP63OA==

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame ABD4 43 KB
22 KB 31ms
31ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuaWNvbnNhdmluZ3NwbGFuLmNvbTo0NDM.&hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&size=invisible&badge=inline&cb=hsnbdrw4zzm5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6d865ef78bc906d84e5820ffa8ca8ff37a85641cb36ba4ab36a11375aeea071d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xv7SlITlRFS3fzM2CPVEzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.iconsavingsplan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22868
content-security-policy: script-src 'report-sample' 'nonce-xv7SlITlRFS3fzM2CPVEzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 17:00:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
477 B 221ms
176ms Image
image/gif 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=7365448

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
x-hubspot-correlation-id: 8ad5fe9c-e413-4773-8e89-186e65e0c924
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
last-modified: Tue, 01 Nov 2022 17:00:39 GMT
server: cloudflare
x-trace: 2BE81AA8DD138553E3D66AF5E87655468A1B01120F000000000000000000
vary: origin, Accept-Encoding
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 7636301bedaabb43-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 134 KB
52 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10810088050

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb110c55d29fcb45124ff60d75ede62ca955b9e52c688d83b5ec275b283e16e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52754
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 16:06:49 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Nov 2022 17:00:39 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 134 KB
52 KB 33ms
30ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10810088050&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56PR74V

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

01f15d7e1abf95601c2fa95845d7852ccfa6ab4e7f78c626bcdab903d452f820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52765
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 16:06:49 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Nov 2022 17:00:39 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 997 B
690 B 22ms
8ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3f01cb4e8bb564dfe1d558ba77bf9cda1712b8378f4c25223c44967ae8d5ea04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 647
date: Tue, 01 Nov 2022 17:00:39 GMT
content-encoding: gzip
last-modified: Wed, 26 Oct 2022 22:31:50 GMT
x-cdn: AKAM
x-edgeconnect-midmile-rtt: 0
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=58869
accept-ranges: bytes
content-length: 471

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/adwords/enhanced-conversion-event-settings/ 2 B
379 B 455ms
149ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/adwords/enhanced-conversion-event-settings/json?portalId=7365448

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: a478fb73-034d-4a4b-92ac-db8f6e30f093
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2
server: cloudflare
x-trace: 2BA62037C489C23310E4779AB6012E785426256E4C000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.iconsavingsplan.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXsfBWnap5josxAxtcEoNCBuc12js%2BtgyvOnfN2MkfnOFIt9sVjZ3XzXiReIxcdb0X0K5Urebt4LOSoBnv866bVN%2BwhR0lge7wEhVJjjtkdukd4wPKLyj4OsFmZRvkLK6quaocayR533BjDf"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cf-ray: 7636301daecd92a7-FRA
access-control-allow-headers: *

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 32E0 6 KB
2 KB 795ms
577ms XHR
application/json 3.208.176.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.cecfaaa5.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.208.176.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-176-252.compute-1.amazonaws.com

Software

nginx /

Resource Hash

89fdb1f5dfc4222cb175af150c5fdacc1b78a84feee1b79ce55b361ccc1f6716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 01 Nov 2022 17:00:40 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-08f1d945aaedd67f8
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0004mrn1smgri1t4j9f0
x-runtime: 0.412032
server: nginx
etag: W/"89fdb1f5dfc4222cb175af150c5fdacc"
x-ratelimit-remaining: 13332
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.iconsavingsplan.com
x-intercom-version: 2dcabc53e0c139245dc42cbce7d88532546b3d28
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1667322050
x-ratelimit-limit: 13333
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/ Frame ABD4 52 KB
52 KB 31ms
9ms Stylesheet
text/css 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuaWNvbnNhdmluZ3NwbGFuLmNvbTo0NDM.&hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&size=invisible&badge=inline&cb=hsnbdrw4zzm5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 12:49:04 GMT
x-content-type-options: nosniff
age: 15095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52913
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 04:01:21 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 12:49:04 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/ Frame ABD4 400 KB
159 KB 43ms
20ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8850c59b00380af79a60472b2d9db31db1f9abe5bbb3b3771eabb12780653688

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 15:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163140
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 04:01:21 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 15:27:46 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 16ms
16ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:39 GMT
content-encoding: gzip
last-modified: Mon, 24 Oct 2022 21:02:26 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=32003
accept-ranges: bytes
content-length: 3063

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10810088050/ 2 KB
2 KB 142ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10810088050/?random=1667322039726&cv=11&fst=1667322039726&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.iconsavingsplan.com%2F&tiba=Retirement%20Savings%20Plans%20for%20the%20Modern%20Workforce%20%7C%20Icon%20Savings%20Plan&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=1141254624.1667322038&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10810088050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

851969338aa6163928cc876eaf516eabae63ad096689e9a1547c79b02eddef6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 17:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 994
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame ABD4 102 B
134 B 20ms
19ms Other
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=NJPGLzpIZgjszqyOymHUP0XR

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d135a22ba0093900bcb7e07d85517d411eebd89c425de91935c75020bee16f73

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuaWNvbnNhdmluZ3NwbGFuLmNvbTo0NDM.&hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&size=invisible&badge=inline&cb=hsnbdrw4zzm5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 01 Nov 2022 17:00:39 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10810088050/ 42 B
64 B 23ms
22ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10810088050/?random=1667322039726&cv=11&fst=1667322000000&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.iconsavingsplan.com%2F&tiba=Retirement%20Savings%20Plans%20for%20the%20Modern%20Workforce%20%7C%20Icon%20Savings%20Plan&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2346183217&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 17:00:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10810088050/ 42 B
64 B 44ms
22ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10810088050/?random=1667322039726&cv=11&fst=1667322000000&bg=ffffff&guid=ON&async=1&gtm=2oaaq0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.iconsavingsplan.com%2F&tiba=Retirement%20Savings%20Plans%20for%20the%20Modern%20Workforce%20%7C%20Icon%20Savings%20Plan&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2346183217&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.iconsavingsplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 17:00:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame CE74 7 KB
1 KB 20ms
19ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a10888eda295be1f928719f8102b52332f4e1c31b030ecfb84413c7fbd0562ed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ys3bodmGC5ngQxjS1HCkUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.iconsavingsplan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1123
content-security-policy: script-src 'report-sample' 'nonce-Ys3bodmGC5ngQxjS1HCkUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 17:00:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/ Frame CE74 52 KB
52 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 12:49:04 GMT
x-content-type-options: nosniff
age: 15096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52913
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 04:01:21 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 12:49:04 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/ Frame CE74 400 KB
159 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8850c59b00380af79a60472b2d9db31db1f9abe5bbb3b3771eabb12780653688

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 15:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163140
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 04:01:21 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 15:27:46 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame CE74 38 KB
23 KB 50ms
50ms XHR
application/json 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e7b8d772d52c530636059f2efcfb75a8e57ae79e0608c215434a14f6b311dda9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 01 Nov 2022 17:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23666
x-xss-protection: 1; mode=block
expires: Tue, 01 Nov 2022 17:00:40 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame CE74 600 B
624 B 11ms
10ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:44:59 GMT
x-content-type-options: nosniff
age: 548141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 02 Nov 2022 08:44:59 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame CE74 530 B
554 B 12ms
11ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 23:42:15 GMT
x-content-type-options: nosniff
age: 62305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 07 Nov 2022 23:42:15 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame CE74 665 B
689 B 11ms
10ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 16:37:52 GMT
x-content-type-options: nosniff
age: 1368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 08 Nov 2022 16:37:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CE74 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 20555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Nov 2023 11:18:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CE74 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:37:10 GMT
x-content-type-options: nosniff
age: 383010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 28 Oct 2023 06:37:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CE74 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 597652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Oct 2023 18:59:48 GMT

GET
H3 200 payload
www.google.com/recaptcha/enterprise/ Frame CE74 36 KB
36 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06AIIukzib2c7_3vtGs5uC1psjGTBPrcaedYPioN4LQdJ694bms2C-_QgqXn-DXUZ6k-h9Is-tq7jLCPLQVrMD2SEIM0yzbDFyXiSo2XaIOhRu-UCybScy98o33F3_rtgRDJ5tg7OgbamEn0T7-pD4muGwFX8N9KnBnzE0f4BbC1sRkrSK-vp1Zl0HvjvVAWHMEr9akjKzl5eo7VKMmRl0NzXLExWI2CgB7Q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b09b642dde31459c00622451dd1e787afddeaf8f20aa8e3b1a17a24218795272

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=NJPGLzpIZgjszqyOymHUP0XR&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:00:40 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37003
x-xss-protection: 1; mode=block
expires: Tue, 01 Nov 2022 17:00:40 GMT

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 32E0 3 KB
2 KB 443ms
443ms XHR
application/json 3.208.176.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.cecfaaa5.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.208.176.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-176-252.compute-1.amazonaws.com

Software

nginx /

Resource Hash

dde15b5befa6e68dc98cbbe5b933c6e40de7dd491c327f1d9932ff6b24ca4427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 01 Nov 2022 17:00:40 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-08f1d945aaedd67f8
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0004b0errcfndd8ahkag
x-runtime: 0.310758
server: nginx
etag: W/"dde15b5befa6e68dc98cbbe5b933c6e4"
x-ratelimit-remaining: 13331
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.iconsavingsplan.com
x-intercom-version: 2dcabc53e0c139245dc42cbce7d88532546b3d28
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1667322050
x-ratelimit-limit: 13333
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 11:27:54	Name: _GRECAPTCHA Value: 09AHtfOcihTEeH-qqWfWwXf3t2yGRAm9oOWWYGjo6pC805ggqoTfudEofdXn-fS4XXRK-cyEq5Doa19hLynGXcNco
.t.sidekickopen60.com/	1970-01-20 15:54:18	Name: _hetc Value: e0690d1d-c550-40fa-9f78-60ba774a98f6\|1667322037141\|ACOD57cwLAIUBOKbhaSm4X22WtvQJ7odEuZkCx8CFB0l74WCxUfEHbG4WWY7CxcMM3KN
.bing.com/	1970-01-20 16:30:18	Name: MUID Value: 216264857F766CDC1DE076CA7EFD6D89
.iconsavingsplan.com/	1970-01-20 09:18:18	Name: _gcl_au Value: 1.1.1141254624.1667322038
.iconsavingsplan.com/	1970-01-20 16:44:42	Name: _ga_GM14VC4L89 Value: GS1.1.1667322038.1.0.1667322038.0.0.0
.iconsavingsplan.com/	1970-01-20 16:44:42	Name: _ga Value: GA1.2.1711035790.1667322039
.iconsavingsplan.com/	1970-01-20 07:10:08	Name: _gid Value: GA1.2.762240095.1667322039
.iconsavingsplan.com/	1970-01-20 07:08:42	Name: _gat_UA-118766343-1 Value: 1
.iconsavingsplan.com/	1970-01-20 07:10:08	Name: _uetsid Value: b5fa51c05a0611edb12aef1db3f479dc
.iconsavingsplan.com/	1970-01-20 16:30:18	Name: _uetvid Value: b5fa6e705a0611ed9dc1cbf4a12e6c9a
.iconsavingsplan.com/	1970-01-20 09:18:18	Name: _fbp Value: fb.1.1667322038887.1464703389
.linkedin.com/	1970-01-20 07:51:54	Name: UserMatchHistory Value: AQK_0xaGYN7guwAAAYQ0I0qGMZIzx1_i3j2YVYya1xERxXuDMRsOk23nEtt8My9DNZTPc06517QJ-g
.linkedin.com/	1970-01-20 07:51:54	Name: AnalyticsSyncHistory Value: AQImrHWJqecpUgAAAYQ0I0qGKd6vunHDJsVYpnCCanon2--forIldOoamr61kUplFkmlawXeYeBEPfZJF6wzFg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:54:18	Name: bcookie Value: "v=2&31f0bfd5-1353-4231-84f4-81268f3a0b3a"
.linkedin.com/	1970-01-20 07:10:08	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2511:u=1:x=1:i=1667322038:t=1667408438:v=2:sig=AQHa9KPwIHWl46WtPQ2Tn8Tsvr4Kafh6"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 15:54:18	Name: bscookie Value: "v=1&2022110117003951b491af-1cc8-49c4-8cea-e28d2250b65dAQECLPcSTem_nan93CEIhJaKF1t2UufA"
.linkedin.com/	1970-01-20 11:27:54	Name: li_gc Value: MTswOzE2NjczMjIwMzk7MjswMjFbOZQEx+paPMq09/15B6Mp6H5Twih/Uw5y2fhPHyZUmg==
.iconsavingsplan.com/	1970-01-20 11:27:54	Name: __hstc Value: 131400528.193a93c9bcda283527f17907edaee7a6.1667322039382.1667322039382.1667322039382.1
.iconsavingsplan.com/	1970-01-20 11:27:54	Name: hubspotutk Value: 193a93c9bcda283527f17907edaee7a6
.iconsavingsplan.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.iconsavingsplan.com/	1970-01-20 07:08:43	Name: __hssc Value: 131400528.1.1667322039383
.hubspot.com/	1970-01-20 07:08:43	Name: __cf_bm Value: XrPrSxlg8baKjUHz0S9mjyCEwaiXq5sWOGypSrALj38-1667322039-0-AdgbcwXGI8OQ4jH+WQekzWwhweJ6MfQgLN3EBtdUX5iOv/4l+BDZGOgpxZfrrBoz8pnbZrBbFENNMiSDjdVOA5w=
.doubleclick.net/	1970-01-20 07:08:42	Name: test_cookie Value: CheckForPermission
.iconsavingsplan.com/	1970-01-20 13:37:32	Name: intercom-id-jhrlzhsl Value: 0956599a-3064-43a1-8fd6-add8dd534006
.iconsavingsplan.com/	1970-01-20 07:18:46	Name: intercom-session-jhrlzhsl Value:

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.iconsavingsplan.com/ Message: The resource https://www.iconsavingsplan.com/wp-content/themes/narpp/build/style.css?ver=1620932940 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
api.hubapi.com
bat.bing.com
connect.facebook.net
d.adroll.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
js.intercomcdn.com
perf.hsforms.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
s.adroll.com
snap.licdn.com
stats.g.doubleclick.net
t.sidekickopen60.com
track.hubspot.com
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.iconsavingsplan.com
www.linkedin.com
108.138.17.98
13.107.42.14
141.193.213.10
2001:4860:4802:32::36
2600:9000:2260:6e00:6:9280:1080:93a1
2606:4700:4400::ac40:90fc
2606:4700:4400::ac40:9a55
2606:4700::6810:5705
2606:4700::6810:5905
2606:4700::6811:44b0
2606:4700::6811:70b0
2606:4700::6811:81ab
2606:4700::6811:ba49
2606:4700::6811:cbcc
2606:4700::6811:d3cc
2606:4700::6813:9a53
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2008
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:400c:c0a::9d
2a02:26f0:3500:16::215:149b
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.208.176.252
34.245.242.222
99.86.4.13
01f15d7e1abf95601c2fa95845d7852ccfa6ab4e7f78c626bcdab903d452f820
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
041cccf58bcaf80e8c076b0c7088052549ae9e190f380ba3796965195a795b15
07d23a6c8d44a57e3ad946d8196f1fffa8fac3cc2e1b98b580136ff86baa7983
0bc96d4f4c2702fc7275c5667d19f8abcc3dcb995768c224844ab284010c1628
0f49cec5f7430acc66843b7744e9026abf385700090d7e857d22151284a939e1
149e4eaa0b8a884c843c16cbeb0fca6c74367663c7cb2d092c8b07e3e703aa21
16b74ad1c55e5740197777f651f58af7ead7718317da15f1fa04b31572df13b3
16fb3e33a4eae29cd087cbf10db6704a427ecfc9a4c1f9a8b423173f56043b5b
1e1f263a74f81f70d098643437471ce7ec92cf3ba3f5f2a7d0e0699005e22537
20ca529c38cc18eb7857e29020e3c45d4b6371419405ba10d914efd6f86a4a1c
24291f97c9169f3a1f987238dd0d2a74a62bf0d8a06ea2aaf7e037d867c22900
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
3625a55a2ac1d3a0b490fc6d4d861747af01d493e431785d4340447993409265
3b682518f6afee8440776fd82fd707976e9522adbd4008706e7a21f3529ee928
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f01cb4e8bb564dfe1d558ba77bf9cda1712b8378f4c25223c44967ae8d5ea04
3f515bd4d2fa7eada2c0421b2f0f6adeec85b051bb3b3a1fcf4728d61533c413
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
45e2e18507b4fd695307516f8c89f9e1aa57245d8a02f23222d1ca5ab705d569
4654185f06362ec9aa3916461b3d5de012c0e8730a65e81eb5a6af632ba59a59
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb
568d7b83659993469a2d729ad98daba3a7de2568f74d670d18ae618f118fe353
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5dd97b1a04ebae0c0544f162bcd1b9a3acafaaf1597173e1df7e996beb0c49cf
5ed392b02405865f6e6ef48e0934d8a68194706626831b4cf948fa0b22a6a813
63a7c08d420c5594a14aaa3ee184bafdf410ef7d59d59f769aee68f51e3f0ae2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d865ef78bc906d84e5820ffa8ca8ff37a85641cb36ba4ab36a11375aeea071d
7097d219fb90c429697bd616c3d5af7f37ef16d3717577ddc6dc01bf1291cbe6
733cb2c43f84352561edc5d0323dd677f11e18a95d6f1421e929c8a7f73ad6e1
75a254fd0807561caf8d718822aded2facb0a66adb26335c30d418b95cd254d4
763e2f8517f3d0b2e8f72caaa4525917d5baa493b95081246b679f7ad23ebe7b
79066a1d9ef05bd56eed607049321dfdd5ba5587541268b06616dbd09b1f1549
79a940f065036052aeddeeb00d62bea91b8d3c906e85d83073349888c8997717
7afc10e951e9bb01559196f3009af8267984d8a5e99872f8da7716f323f826e3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851969338aa6163928cc876eaf516eabae63ad096689e9a1547c79b02eddef6f
863b464013652eedd5a095791dbb4a3d52d0a74b0ec8858a82f836c0426f75a9
8730b0a6a9bfbc1dc8679af817f40bf7a74bc6c65f658cea71c6988353004232
87e1ed8c94d134e4e068a17891d3dad0d122ee052bf061da0ca0e87b3da75069
8850c59b00380af79a60472b2d9db31db1f9abe5bbb3b3771eabb12780653688
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
89fdb1f5dfc4222cb175af150c5fdacc1b78a84feee1b79ce55b361ccc1f6716
936c317c767e796877245d0bdd1fb67b9c34e2ffb79c741ae7569f753ac4280d
9a0bb332fd893026a6041d8e01aa612bca1c1f3e5cbab4407e7e302bcbcdb1ce
9e3ae19470b9ff2afe251d14791fc5af25ae768b32f27c9e6b9e0595f984534c
9feb24d92d2066e82e6e70bfa61bf5c33674d61cc1ab906231ac75cc821d395f
a10888eda295be1f928719f8102b52332f4e1c31b030ecfb84413c7fbd0562ed
a64d5404a00eaaa268ed1d70b8f37beab67c68e8a8a0dceba7edba6bcdb75ade
af202dc9181a2a6e15859a28d76bf851f95f8fdcb6bf510d9515308294ff8f94
b09b642dde31459c00622451dd1e787afddeaf8f20aa8e3b1a17a24218795272
b0c72bf041eb8334c224887e09f2b55092d9258799272aa6a95be9972599b22a
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bfbca8016bd15d932ee99cc5046a10340a03c4b4cace0f99271625eb7106024d
c22511d6a268e93656154c9c570108fe6d43f5f2a5d81aabdae1768fc254c3a0
c50d7d62f3484f093b5105320fdce4d7f6cec0dab081b15808d0344d68ed4f4b
c5a18f4c7d4ba95021ff79328daefa1305c610b014d7dfcf58e537a2d010490e
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
cb110c55d29fcb45124ff60d75ede62ca955b9e52c688d83b5ec275b283e16e5
cbd8119b6914d83e85bf54910edffd8ec60a9835d5713caaf8b3f46f08663b89
ccf065a801b57cc64889b234c315766e52a226d3f478040759d67e0047b52346
cf8740d17d6107873274925950825ccb234581145cdbc2f52b17b0e2d96ea147
d135a22ba0093900bcb7e07d85517d411eebd89c425de91935c75020bee16f73
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
db4463178576d56b3837dc552711d3786527e411d2396676b63f89cb119c0b6a
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dde15b5befa6e68dc98cbbe5b933c6e40de7dd491c327f1d9932ff6b24ca4427
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2c2cd6dbdb9538c9146ac278fd1c2ce6904f05e7cf862821aa43488bca96a11
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047
e7b8d772d52c530636059f2efcfb75a8e57ae79e0608c215434a14f6b311dda9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f553c20a33d25dc12d94a7fa7a0999446235612f20decd643daf0b4c7e381492
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
f9bc4995e2a6f5c525c432eacd4129ba934ca76afd593bb98ae5d8fbe96dc4ef
fe0b19b8393eceda8579f39b1a9134153ea7f9b89174988e5e17eba0ca1d0a7f

www.iconsavingsplan.com Open in urlscan Pro 141.193.213.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

104 Requests

97 %HTTPS

81 %IPv6

26 Domains

35 Subdomains

29 IPs

4 Countries

5479 kBTransfer

10963 kBSize

27 Cookies

12 Outgoing links

Page URL History

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.iconsavingsplan.com Open in urlscan Pro
141.193.213.10 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

97 %
HTTPS

81 %
IPv6

26
Domains

35
Subdomains

29
IPs

4
Countries

5479 kB
Transfer

10963 kB
Size

27
Cookies

104 HTTP transactions
0 data transactions