urlscan.io logo urlscan.io
SecurityTrails logo

www.cmgfi.com Open in urlscan Pro
192.26.129.154  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bheon.cmgfi.com/th3_err0r.php?php=https://raw.githubusercontent.com/carlosdechia/carlosdechia/main/ExV1
Effective URL: https://www.cmgfi.com/mysite/bill-heon
Submission: On January 26 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 6 countries across 25 domains to perform 98 HTTP transactions. The main IP is 192.26.129.154, located in United States and belongs to CMG-MORTGAGE, US. The main domain is www.cmgfi.com. The Cisco Umbrella rank of the primary domain is 326906.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on May 18th 2021. Valid for: a year.
This is the only time www.cmgfi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 192.26.129.154 36714 (CMG-MORTGAGE)
1 35.201.125.192 15169 (GOOGLE)
1 151.101.0.114 54113 (FASTLY)
7 2a02:26f0:170... 20940 (AKAMAI-ASN1)
25 2a04:4e42:200... 54113 (FASTLY)
1 35.244.153.179 15169 (GOOGLE)
1 35.190.5.192 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.40.155.233 16509 (AMAZON-02)
4 104.18.27.71 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 1 167.172.136.187 14061 (DIGITALOC...)
1 2 161.35.15.77 14061 (DIGITALOC...)
1 34.95.105.148 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 8 2600:9000:225... 16509 (AMAZON-02)
1 2a03:5f80:a::... 50952 (DATAIX-AS...)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 2600:9000:223... 16509 (AMAZON-02)
4 2600:9000:225... ()
1 54.228.17.128 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.110.125 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f12... 32934 (FACEBOOK)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
4 54.149.179.129 16509 (AMAZON-02)
2 208.68.39.149 14061 (DIGITALOC...)
98 31
6    192.26.129.154 (United States)

ASN36714 (CMG-MORTGAGE, US)
bheon.cmgfi.com
www.cmgfi.com
1    35.201.125.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.125.201.35.bc.googleusercontent.com
cdn.bc0a.com
1    151.101.0.114 (United States)

ASN54113 (FASTLY, US)
cdn.evgnet.com
7    2a02:26f0:1700:785::2a03 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cloud.cmgfi.com
25    2a04:4e42:200::393 (United States)

ASN54113 (FASTLY, US)
res.cloudinary.com
1    35.244.153.179 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 179.153.244.35.bc.googleusercontent.com
ixfd-api.bc0a.com
1    35.190.5.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.5.190.35.bc.googleusercontent.com
cdn.b0e8.com
5    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    52.40.155.233 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-155-233.us-west-2.compute.amazonaws.com
cmgfinancial.us-4.evergage.com
4    104.18.27.71 (None, )

ASN13335 (CLOUDFLARENET, US)
cmgfinancial.typeform.com
4    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    167.172.136.187 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: process100.acsbapp.com
acsbap.com
2    161.35.15.77 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: cdn101.acsbapp.com
acsbapp.com
1    34.95.105.148 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 148.105.95.34.bc.googleusercontent.com
a.b0e8.com
3    2a00:1450:400f:802::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    2600:9000:225e:4200:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
1    2a03:5f80:a::b212:e7d1 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)
snap.licdn.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
3    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2600:9000:223f:1000:8:2495:5540:93a1 (United States)

ASN16509 (AMAZON-02, US)
images.typeform.com
4    2600:9000:2251:5e00:4:f6ce:61c0:93a1 (United States)

ASN- ()
renderer-assets.typeform.com
1    54.228.17.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-17-128.eu-west-1.compute.amazonaws.com
d.adroll.com
1    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    18.66.110.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-110-125.fra56.r.cloudfront.net
cdn.segment.com
1    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com
px4.ads.linkedin.com
4    54.149.179.129 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-179-129.us-west-2.compute.amazonaws.com
api.segment.io
2    208.68.39.149 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: cdn100.acsbapp.com
cdn.acsbapp.com
Apex Domain
Subdomains		 Transfer
25 cloudinary.com
res.cloudinary.com — Cisco Umbrella Rank: 2517
912 KB
13 cmgfi.com
bheon.cmgfi.com
www.cmgfi.com — Cisco Umbrella Rank: 326906
cloud.cmgfi.com
1 MB
9 adroll.com
s.adroll.com — Cisco Umbrella Rank: 2604
d.adroll.com — Cisco Umbrella Rank: 1561
77 KB
9 typeform.com
cmgfinancial.typeform.com
images.typeform.com — Cisco Umbrella Rank: 51431
renderer-assets.typeform.com — Cisco Umbrella Rank: 41728
601 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
4 KB
4 segment.io
api.segment.io — Cisco Umbrella Rank: 1081
593 B
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 546
www.linkedin.com — Cisco Umbrella Rank: 647
px4.ads.linkedin.com — Cisco Umbrella Rank: 5501
3 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
488 B
4 acsbapp.com
acsbapp.com — Cisco Umbrella Rank: 5410
cdn.acsbapp.com — Cisco Umbrella Rank: 5805
164 KB
4 gstatic.com
fonts.gstatic.com
98 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
201 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 385
11 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
2 evergage.com
cmgfinancial.us-4.evergage.com
1 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 934
52 KB
2 b0e8.com
cdn.b0e8.com — Cisco Umbrella Rank: 10484
a.b0e8.com — Cisco Umbrella Rank: 10733
22 KB
2 bc0a.com
cdn.bc0a.com — Cisco Umbrella Rank: 14498
ixfd-api.bc0a.com — Cisco Umbrella Rank: 28544
17 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5557
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 13
501 B
1 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1682
54 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
441 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1098
2 KB
1 acsbap.com
acsbap.com — Cisco Umbrella Rank: 12353
85 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
69 KB
1 evgnet.com
cdn.evgnet.com — Cisco Umbrella Rank: 5793
38 KB
98 25
Domain Requested by
25 res.cloudinary.com www.cmgfi.com
8 s.adroll.com 2 redirects www.googletagmanager.com
www.cmgfi.com
s.adroll.com
7 cloud.cmgfi.com www.cmgfi.com
5 fonts.googleapis.com www.cmgfi.com
5 www.cmgfi.com www.cmgfi.com
4 api.segment.io cdn.segment.com
4 www.facebook.com www.cmgfi.com
4 renderer-assets.typeform.com cmgfinancial.typeform.com
renderer-assets.typeform.com
4 fonts.gstatic.com fonts.googleapis.com
4 cmgfinancial.typeform.com www.cmgfi.com
cmgfinancial.typeform.com
renderer-assets.typeform.com
3 connect.facebook.net www.cmgfi.com
connect.facebook.net
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.cmgfi.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.acsbapp.com acsbap.com
2 px.ads.linkedin.com 2 redirects
2 acsbapp.com 1 redirects www.cmgfi.com
2 cmgfinancial.us-4.evergage.com cdn.evgnet.com
2 use.fontawesome.com www.cmgfi.com
use.fontawesome.com
1 px4.ads.linkedin.com www.cmgfi.com
1 www.linkedin.com 1 redirects
1 www.google.de www.cmgfi.com
1 www.google.com www.cmgfi.com
1 cdn.segment.com renderer-assets.typeform.com
1 stats.g.doubleclick.net www.google-analytics.com
1 d.adroll.com s.adroll.com
1 images.typeform.com cmgfinancial.typeform.com
1 snap.licdn.com www.googletagmanager.com
1 a.b0e8.com www.cmgfi.com
1 acsbap.com 1 redirects
1 www.googletagmanager.com www.cmgfi.com
1 cdn.b0e8.com www.cmgfi.com
1 ixfd-api.bc0a.com cdn.bc0a.com
1 cdn.evgnet.com www.cmgfi.com
1 cdn.bc0a.com www.cmgfi.com
1 bheon.cmgfi.com 1 redirects
98 35
Subject Issuer Validity Valid
*.cmgfi.com
Sectigo RSA Organization Validation Secure Server CA		 2021-05-18 -
2022-06-18		 a year crt.sh
cdn.bc0a.com
GTS CA 1D4		 2021-12-21 -
2022-03-21		 3 months crt.sh
cdn.evergage.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-28 -
2022-04-27		 2 years crt.sh
s2-san.cloudinary.com
R3		 2022-01-24 -
2022-04-24		 3 months crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2020-05-27 -
2022-06-22		 2 years crt.sh
ixfd-api.bc0a.com
GTS CA 1D4		 2021-12-25 -
2022-03-25		 3 months crt.sh
cdn.b0e8.com
GTS CA 1D4		 2021-12-30 -
2022-03-30		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.us-4.evergage.com
Amazon		 2021-09-22 -
2022-10-20		 a year crt.sh
typeform.com
Cloudflare Inc ECC CA-3		 2021-10-22 -
2022-10-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
b0e8.com
GTS CA 1D4		 2021-12-30 -
2022-03-30		 3 months crt.sh
s.adroll.com
Amazon		 2021-08-02 -
2022-08-31		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-04 -
2022-02-02		 3 months crt.sh
*.typeform.com
Amazon		 2021-10-31 -
2022-11-28		 a year crt.sh
adroll.mgr.consensu.org
Amazon		 2021-09-09 -
2022-10-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.segment.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-19 -
2022-08-09		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.acsbapp.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-09-23 -
2022-10-05		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.cmgfi.com/mysite/bill-heon
Frame ID: 2ADBA6FF4681143C0CF20DF4EA9E5F02
Requests: 83 HTTP requests in this frame

Frame: https://cmgfinancial.typeform.com/to/NCk530ZZ
Frame ID: 18A7706F796C81B7419FE8A4404F88B4
Requests: 14 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5CA300D21213F453F7E965E93F9F0C3C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bill Heon's MySite | CMG Financial

Page URL History Show full URLs

  1. https://bheon.cmgfi.com/th3_err0r.php?php=https://raw.githubusercontent.com/carlosdechia/carlosdechi... HTTP 301
    https://www.cmgfi.com/mysite/bill-heon Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

98
Requests

96 %
HTTPS

55 %
IPv6

25
Domains

35
Subdomains

31
IPs

6
Countries

3651 kB
Transfer

9401 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bheon.cmgfi.com/th3_err0r.php?php=https://raw.githubusercontent.com/carlosdechia/carlosdechia/main/ExV1 HTTP 301
    https://www.cmgfi.com/mysite/bill-heon Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://acsbap.com/apps/app/assets/js/acsb.js HTTP 301
  • https://acsbapp.com/apps/app/assets/js/acsb.js HTTP 301
  • https://acsbapp.com/apps/app/dist/js/app.js
Request Chain 65
  • https://s.adroll.com/j/exp/4JCDOKYQ2JA2VLPT22OD2P/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 66
  • https://s.adroll.com/j/pre/4JCDOKYQ2JA2VLPT22OD2P/4U6Z4KCABJH43A5A4ZXS3C/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js
Request Chain 85
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1333642&time=1643168680784&url=https%3A%2F%2Fwww.cmgfi.com%2Fmysite%2Fbill-heon HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1333642%26time%3D1643168680784%26url%3Dhttps%253A%252F%252Fwww.cmgfi.com%252Fmysite%252Fbill-heon%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1333642&time=1643168680784&url=https%3A%2F%2Fwww.cmgfi.com%2Fmysite%2Fbill-heon&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1333642&time=1643168680784&url=https%3A%2F%2Fwww.cmgfi.com%2Fmysite%2Fbill-heon&liSync=true&e_ipv6=AQIxV2K6ijM8BgAAAX6UfEypkOCiCNoYigpxlAAIbT7YkS2K2nXBL6eZW8CnABUbBjNSwpiO

98 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request bill-heon
www.cmgfi.com/mysite/
Redirect Chain
  • https://bheon.cmgfi.com/th3_err0r.php?php=https://raw.githubusercontent.com/carlosdechia/carlosdechia/main/ExV1
  • https://www.cmgfi.com/mysite/bill-heon
62 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.26.129.154 , United States, ASN36714 (CMG-MORTGAGE, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8b044eae64a4ee003537a325252f870b7ea109ab33e313bd6b480b6a59d70589
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
request-context
appId=cid-v1:a35dfa4d-9dec-421f-85a1-53a2c6f1a96b
strict-transport-security
max-age=2592000
x-powered-by
ASP.NET
date
Wed, 26 Jan 2022 03:44:26 GMT

Redirect headers

location
https://www.cmgfi.com/mysite/bill-heon
server
Microsoft-IIS/10.0
request-context
appId=cid-v1:a35dfa4d-9dec-421f-85a1-53a2c6f1a96b
strict-transport-security
max-age=2592000
x-powered-by
ASP.NET
date
Wed, 26 Jan 2022 03:44:26 GMT
autopilot_sdk.js
cdn.bc0a.com/autopilot/f00000000155617/ 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bc0a.com/autopilot/f00000000155617/autopilot_sdk.js
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.125.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.125.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7083d7e67c12047440e8f011fba46394abadf0545972501057cab404db802b98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-meta-marvel_enabled
true
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdsRY-QSRup2VdP_0OlOQdujLYGpCeo3emEqwjbYGKv7CYi_7zGZ2egTJErTlXLcqDkA91ASYWfIfisGUA8W2lC8Nqi-dA
x-goog-meta-sdk_canonical_host
x-goog-meta-sdk_whitelist
x-goog-stored-content-encoding
gzip
x-goog-meta-publishingdate
2021-01-14 01:26:14
x-goog-meta-sdk_canonical_protocol
etag
"7bb71f2771bf3484ee7f7fd97eb1174a"
vary
Accept-Encoding
x-goog-generation
1610587574213343
content-language
en
access-control-allow-origin
*
x-goog-meta-custom
true
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-meta-spa
false
expires
Wed, 26 Jan 2022 04:44:39 GMT
x-goog-meta-sdk_version
1.4.5
date
Wed, 26 Jan 2022 03:44:39 GMT
x-goog-meta-sdk_account_id
f00000000155617
x-goog-meta-sdk_request_parameters_case_sensitive
false
x-goog-meta-marvel_config_consistency_custom
{"data-testmode":true,"data-customerid":"f00000000155617"}
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-marvel_customer_id
x-goog-metageneration
3
alt-svc
clear
content-length
15223
x-goog-meta-sdk_log_level
2
last-modified
Thu, 14 Jan 2021 01:26:14 GMT
server
UploadServer
x-goog-hash
crc32c=4pJERw==, md5=e7cfJ3G/NITuf3/ZfrEXSg==
x-goog-stored-content-length
15223
accept-ranges
bytes
content-type
application/javascript
x-goog-meta-marvel_test_mode
false
main.css
www.cmgfi.com/ 		453 KB
92 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cmgfi.com/main.css?v=a0BxbtWsowQlZZvMewIczqXdltcm-bwfvhcmnYjzbk0
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.26.129.154 , United States, ASN36714 (CMG-MORTGAGE, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6b40716ed5aca30425659bcc7b021ccea5dd96d726f9bc1fbe17269d88f36e4d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/mysite/bill-heon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-encoding
gzip
etag
"1d81142a4eafddc"
last-modified
Mon, 24 Jan 2022 16:51:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=604800
date
Wed, 26 Jan 2022 03:44:26 GMT
accept-ranges
bytes
request-context
appId=cid-v1:a35dfa4d-9dec-421f-85a1-53a2c6f1a96b
CMG.css
www.cmgfi.com/ 		1 MB
186 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cmgfi.com/CMG.css?v=-yeWQpk2eUoZemwOJkQHqyEUpuebawRMJh_vYgXQv70
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.26.129.154 , United States, ASN36714 (CMG-MORTGAGE, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fb2796429936794a197a6c0e264407ab2114a6e79b6b044c261fef6205d0bfbd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/mysite/bill-heon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-encoding
gzip
etag
"1d81142a4fc9102"
last-modified
Mon, 24 Jan 2022 16:51:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=604800
date
Wed, 26 Jan 2022 03:44:26 GMT
accept-ranges
bytes
request-context
appId=cid-v1:a35dfa4d-9dec-421f-85a1-53a2c6f1a96b
evergage.min.js
cdn.evgnet.com/beacon/cmgfinancial/engage/scripts/ 		137 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.evgnet.com/beacon/cmgfinancial/engage/scripts/evergage.min.js
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4f33a00ddafd5a8b5d0b0ee54b848ba1007286d5da9d9edd2168a0e80282ead

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
hwrHe_hvLExDBgvVgpm_K3g3vujUSBjw
content-encoding
gzip
etag
"b88cb1648c9dd0c177e1b71b5b3a5446"
timing-allow-origin
*
age
100
x-cache
HIT, HIT
x-amz-replication-status
COMPLETED
content-length
38533
x-amz-id-2
b/s3+NlJDdPwRR1qJPFMzdbAQ62Ybxt3GbqiiGOZHV6rmtd5JqlgoLaSikU0tyaSeHXA6AMwnuQ=
x-served-by
cache-iad-kjyo7100027-IAD, cache-hhn4069-HHN
x-amz-meta-evergage-sum
6fe898e7735789d9dedb51732be43b2e489e8c36
last-modified
Fri, 21 Jan 2022 14:00:50 GMT
server
AmazonS3
x-timer
S1643168679.124234,VS0,VE91
date
Wed, 26 Jan 2022 03:44:39 GMT
vary
Accept-Encoding
x-amz-request-id
8ZT4E9RY2DXA5FJ4
via
1.1 varnish, 1.1 varnish
cache-control
max-age=120
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-amz-meta-evergage-beacon-ver
16
x-cache-hits
1, 1
twitter.svg
cloud.cmgfi.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/ 		764 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cmgfi.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/twitter.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:785::2a03 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
38922a1d63adfbf9ea5791c3534cf87d63f02d800ff04c4f65fe9c575b31ea59
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="twitter.svg"
server-timing
akam;dur=18;start=2022-01-26T03:44:39.832Z;desc=hit-near,rtt;dur=7
content-length
394
last-modified
Tue, 11 Feb 2020 16:01:23 GMT
server
Cloudinary
etag
W/"ff12a13d400783c3152615240a94f4cf"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
facebook.svg
cloud.cmgfi.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/ 		452 B
799 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cmgfi.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/facebook.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:785::2a03 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
a1febf1e953ec7e3f29a4f34cf62e2d941db281ce2d5baeb425b56fc37b7717a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-disposition
attachment; filename="facebook.svg"
server-timing
akam;dur=8;start=2022-01-26T03:44:39.848Z;desc=miss,rtt;dur=7,cloudinary;dur=67;start=2022-01-19T22:04:10.419Z
vary
Accept-Encoding
content-length
310
last-modified
Tue, 11 Feb 2020 16:01:20 GMT
server
Cloudinary
etag
"f516b56331b768d422d2a0afb2304512"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
linkedin.svg
cloud.cmgfi.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/ 		703 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cmgfi.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/linkedin.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:785::2a03 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
0d0210ffc59c6b17cac9e8649d90ec2deb653fb06b3d69d1515b03977ffea5e1
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="linkedin.svg"
server-timing
akam;dur=12;start=2022-01-26T03:44:39.838Z;desc=miss,rtt;dur=7,cloudinary;dur=84;start=2022-01-21T10:48:38.178Z
content-length
397
last-modified
Tue, 11 Feb 2020 16:01:21 GMT
server
Cloudinary
etag
W/"2af2597ed4aa1cbf53886d1bfe9c98e5"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
instagram.png
cloud.cmgfi.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cmgfi.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/instagram.png
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:785::2a03 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
65765b24e95c694e746a6350dd8b43c7118b008ff94ec64c66c20ddc25512d71
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Jan 2021 20:47:27 GMT
server
Cloudinary
etag
"a7afb49597ff92b1282266a273d28a3e"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
server-timing
akam;dur=13;start=2022-01-26T03:44:39.833Z;desc=hit-near,rtt;dur=7
accept-ranges
bytes
timing-allow-origin
*
content-length
2383
phone.svg
cloud.cmgfi.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/ 		638 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cmgfi.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/phone.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:785::2a03 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
46d7ff4ef974fb0df2c72554d155d8aacf276971a9918eab56516ac6a9399dbf
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-disposition
attachment; filename="phone.svg"
server-timing
akam;dur=14;start=2022-01-26T03:44:39.841Z;desc=miss,rtt;dur=7,cloudinary;dur=142;start=2022-01-19T22:04:12.014Z
vary
Accept-Encoding
content-length
375
last-modified
Tue, 11 Feb 2020 16:01:23 GMT
server
Cloudinary
etag
"bde7d7fa25d30bba4a79797a082b0eeb"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
Warning.svg
cloud.cmgfi.com/dvbdysuf5/image/upload/CMG_Web_Resources/Shared_Images/ 		590 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cmgfi.com/dvbdysuf5/image/upload/CMG_Web_Resources/Shared_Images/Warning.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:785::2a03 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
4e52b6223665175a2688bf4929344a3342da50f262ba32b3286c5b2d5a690edd
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="warning.svg"
server-timing
akam;dur=8;start=2022-01-26T03:44:39.844Z;desc=miss,rtt;dur=7,cloudinary;dur=187;start=2022-01-21T10:48:38.217Z,cld-id;desc=0f4a56283d8173498056812d96bc5619
content-length
298
x-request-id
0f4a56283d8173498056812d96bc5619
last-modified
Tue, 07 Apr 2020 15:06:27 GMT
server
Cloudinary
etag
W/"df8e5e7ec33739403e738e583f6af4b9"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
menu-icon.svg
res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/ 		731 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/menu-icon.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
039154b1c375a8d7a9d566540ba91200190c0c171156e9a6152525e76cbd1f1f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="menu-icon.svg"
server-timing
fastly;dur=2;cpu=1;start=2022-01-26T03:44:39.872Z;desc=hit,rtt;dur=6
vary
Accept-Encoding
content-length
238
last-modified
Tue, 11 Feb 2020 16:01:23 GMT
server
Cloudinary
etag
W/"dbb77b1b04d8a2b6b5d31ff276fd8f3b"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
close.svg
res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/ 		529 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/close.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
814b61c3ba45df49d57dd04e49b3fe07198692ec01c0026b9171999da87d09db
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="close.svg"
server-timing
fastly;dur=4;cpu=1;start=2022-01-26T03:44:39.872Z;desc=hit,rtt;dur=6
vary
Accept-Encoding
content-length
234
last-modified
Mon, 02 Nov 2020 18:59:44 GMT
server
Cloudinary
etag
W/"c3981dc520ac1c588add2d9d6275c2ae"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
cmg-logo.svg
res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/ 		29 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/cmg-logo.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
2429c5d6591f4e77bf1bd40d676c9b2c99193df4c77ed9fde2b756fb043c4618
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="cmg-logo.svg"
server-timing
fastly;dur=2;cpu=1;start=2022-01-26T03:44:39.872Z;desc=hit,rtt;dur=6
vary
Accept-Encoding
content-length
22328
last-modified
Tue, 11 Feb 2020 16:01:21 GMT
server
Cloudinary
etag
W/"b01e53b7883767207b358821e5ec343f"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
Warning.svg
res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/Shared_Images/ 		590 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/Shared_Images/Warning.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
4e52b6223665175a2688bf4929344a3342da50f262ba32b3286c5b2d5a690edd
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="warning.svg"
server-timing
fastly;dur=2;cpu=1;start=2022-01-26T03:44:39.872Z;desc=hit,rtt;dur=6
content-length
298
x-request-id
3495dfc1bbac558a2ff0681fbc01adea
last-modified
Tue, 07 Apr 2020 15:06:27 GMT
server
Cloudinary
etag
W/"df8e5e7ec33739403e738e583f6af4b9"
vary
Accept-Encoding
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
twitter.svg
res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/ 		764 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/twitter.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
38922a1d63adfbf9ea5791c3534cf87d63f02d800ff04c4f65fe9c575b31ea59
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="twitter.svg"
server-timing
fastly;dur=2;cpu=1;start=2022-01-26T03:44:39.872Z;desc=hit,rtt;dur=6
vary
Accept-Encoding
content-length
394
last-modified
Tue, 11 Feb 2020 16:01:23 GMT
server
Cloudinary
etag
W/"ff12a13d400783c3152615240a94f4cf"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
facebook.svg
res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/ 		452 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/facebook.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
a1febf1e953ec7e3f29a4f34cf62e2d941db281ce2d5baeb425b56fc37b7717a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="facebook.svg"
server-timing
fastly;dur=2;cpu=1;start=2022-01-26T03:44:39.872Z;desc=hit,rtt;dur=6
vary
Accept-Encoding
content-length
276
last-modified
Tue, 11 Feb 2020 16:01:20 GMT
server
Cloudinary
etag
W/"f516b56331b768d422d2a0afb2304512"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
linkedin.svg
res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/ 		703 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/linkedin.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
0d0210ffc59c6b17cac9e8649d90ec2deb653fb06b3d69d1515b03977ffea5e1
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="linkedin.svg"
server-timing
fastly;dur=1;cpu=0;start=2022-01-26T03:44:39.888Z;desc=hit,rtt;dur=7
vary
Accept-Encoding
content-length
397
last-modified
Tue, 11 Feb 2020 16:01:21 GMT
server
Cloudinary
etag
W/"2af2597ed4aa1cbf53886d1bfe9c98e5"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
instagram.svg
res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/ 		216 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/Navigation_Images/instagram.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
076e73392b5ebe3f0aabe0bccf01c23ef3ea379eb0492973e4b1283efde20c08
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="instagram.svg"
server-timing
fastly;dur=1;cpu=0;start=2022-01-26T03:44:39.888Z;desc=hit,rtt;dur=7
vary
Accept-Encoding
content-length
166498
last-modified
Tue, 19 Jan 2021 20:47:13 GMT
server
Cloudinary
etag
W/"f58a6e5e9e0d1c4544f8f29139fa456e"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
bill-heon.png
res.cloudinary.com/dvbdysuf5/image/upload/a_exif,f_auto,g_faces,c_thumb,w_250,h_250,z_0.5,r_max/CMG_Web_Resources/LO_Images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/a_exif,f_auto,g_faces,c_thumb,w_250,h_250,z_0.5,r_max/CMG_Web_Resources/LO_Images/bill-heon.png
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
805dc73ce21ac8a409cf45162522a4ae6f165d0b25b737eb510287362f499564
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:40 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="bill-heon.webp"
server-timing
fastly;dur=152;cpu=0;start=2022-01-26T03:44:39.888Z;desc=miss,rtt;dur=7,cloudinary;dur=57;start=2022-01-26T03:44:39.933Z
vary
Accept,User-Agent
content-length
8718
last-modified
Fri, 06 Dec 2019 15:39:22 GMT
server
Cloudinary
etag
"519b5b567a5c355d704b320c7bac9fc3"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
phone-icon-light.svg
res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/MySite_Images/ 		2 KB
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/MySite_Images/phone-icon-light.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
d580476368dbd46778860b1862b6ad7bf767acb535fa7000b7a58e879c7caf9d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="phone-icon-light.svg"
server-timing
fastly;dur=1;cpu=0;start=2022-01-26T03:44:39.888Z;desc=hit,rtt;dur=7
vary
Accept-Encoding
content-length
610
last-modified
Thu, 02 Sep 2021 17:35:06 GMT
server
Cloudinary
etag
W/"ff024fd9a4ccca2c05f610fa994003b2"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
email-icon-light.svg
res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/MySite_Images/ 		1 KB
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/MySite_Images/email-icon-light.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
82c4364311473175de2dc6099d2e4c3b12e5fee18888fa54193f7d04ec7be9e1
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="email-icon-light.svg"
server-timing
fastly;dur=1;cpu=0;start=2022-01-26T03:44:39.888Z;desc=hit,rtt;dur=7
vary
Accept-Encoding
content-length
425
last-modified
Thu, 02 Sep 2021 17:34:56 GMT
server
Cloudinary
etag
W/"80ad6289268ac1c3d74f96e695b28632"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
star-full.svg
res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/TT_Images/ 		335 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/TT_Images/star-full.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
9a7dc955a41062d84e1d85082ecaa5189eae8c8cbba0122ef28c8871a4db77ee
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="star-full.svg"
server-timing
fastly;dur=1;cpu=0;start=2022-01-26T03:44:39.888Z;desc=hit,rtt;dur=7
vary
Accept-Encoding
content-length
229
last-modified
Mon, 10 Feb 2020 21:45:52 GMT
server
Cloudinary
etag
W/"3c938f06e8e766635b49d70becfcb0c3"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
testimonialtree.svg
res.cloudinary.com/dvbdysuf5/image/upload/q_auto,f_auto/CMG_Web_Resources/Home_Images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/q_auto,f_auto/CMG_Web_Resources/Home_Images/testimonialtree.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
8a2307dc995110a638dc283ff13eba5d093f6d8c0f38f4f709cd9113238a62e9
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="testimonialtree.webp"
server-timing
fastly;dur=1;cpu=0;start=2022-01-26T03:44:39.888Z;desc=hit,rtt;dur=7
vary
Save-Data
content-length
1408
last-modified
Wed, 05 Feb 2020 19:00:48 GMT
server
Cloudinary
etag
"6e471329a82d690c9f33cb9e71bff17d"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
location-icon.png
res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/Shared_Images/ 		580 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/CMG_Web_Resources/Shared_Images/location-icon.png
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
873b40b767d89507770740a7139ece80c20b742bcd51c11e547e76d4fead370c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Aug 2021 16:29:04 GMT
server
Cloudinary
etag
"14d748e973ac9faa993712aec8e2c2bc"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
server-timing
fastly;dur=1;cpu=0;start=2022-01-26T03:44:39.888Z;desc=hit,rtt;dur=7
accept-ranges
bytes
timing-allow-origin
*
content-length
580
play.svg
res.cloudinary.com/dvbdysuf5/image/upload/q_auto,f_auto/CMG_Web_Resources/Home_Images/ 		522 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/q_auto,f_auto/CMG_Web_Resources/Home_Images/play.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
f80fd52943368497d8caf8299a4d60b5cbf633b7866289af14369ecb72860bb4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="play.webp"
server-timing
fastly;dur=12;cpu=0;start=2022-01-26T03:44:39.888Z;desc=hit,rtt;dur=7
vary
Save-Data
content-length
522
last-modified
Wed, 05 Feb 2020 18:54:31 GMT
server
Cloudinary
etag
"e8aa5f56d11c9c9d60ecdbff806135c3"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
appstore.svg
res.cloudinary.com/dvbdysuf5/image/upload/q_auto,f_auto/CMG_Web_Resources/Home_Images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/q_auto,f_auto/CMG_Web_Resources/Home_Images/appstore.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
179630f917d4ec0d18da300695088fb39240175e25c2573bf3470d0356784c13
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="appstore.webp"
server-timing
fastly;dur=1;cpu=0;start=2022-01-26T03:44:39.888Z;desc=hit,rtt;dur=7
vary
Save-Data
content-length
1376
last-modified
Wed, 05 Feb 2020 18:54:31 GMT
server
Cloudinary
etag
"4e1ad2993f927f1782bc274d7eb49b41"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
googleplay.svg
res.cloudinary.com/dvbdysuf5/image/upload/q_auto,f_auto/CMG_Web_Resources/Home_Images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/q_auto,f_auto/CMG_Web_Resources/Home_Images/googleplay.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
d2c0de19d7a07ab3d4ac507eaae19594d7d1ed8c7a36c4e675a01892cee13a08
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="googleplay.webp"
server-timing
fastly;dur=1;cpu=0;start=2022-01-26T03:44:39.888Z;desc=hit,rtt;dur=7
vary
Save-Data
content-length
1696
last-modified
Wed, 05 Feb 2020 18:54:31 GMT
server
Cloudinary
etag
"00edd26607e3749ed7d221ef8305b512"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
twitter.svg
res.cloudinary.com/dvbdysuf5/image/upload/v1581436881/CMG_Web_Resources/Navigation_Images/ 		764 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/v1581436881/CMG_Web_Resources/Navigation_Images/twitter.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
38922a1d63adfbf9ea5791c3534cf87d63f02d800ff04c4f65fe9c575b31ea59
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="twitter.svg"
server-timing
fastly;dur=156;cpu=0;start=2022-01-26T03:44:39.888Z;desc=miss,rtt;dur=7,cloudinary;dur=58;start=2022-01-26T03:44:39.937Z
vary
Accept-Encoding
content-length
394
last-modified
Tue, 11 Feb 2020 16:01:23 GMT
server
Cloudinary
etag
W/"ff12a13d400783c3152615240a94f4cf"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, max-age=300
accept-ranges
bytes
timing-allow-origin
*
facebook.svg
res.cloudinary.com/dvbdysuf5/image/upload/v1581436881/CMG_Web_Resources/Navigation_Images/ 		452 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/v1581436881/CMG_Web_Resources/Navigation_Images/facebook.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
a1febf1e953ec7e3f29a4f34cf62e2d941db281ce2d5baeb425b56fc37b7717a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="facebook.svg"
server-timing
fastly;dur=1;cpu=0;start=2022-01-26T03:44:39.888Z;desc=hit,rtt;dur=7
vary
Accept-Encoding
content-length
276
last-modified
Tue, 11 Feb 2020 16:01:20 GMT
server
Cloudinary
etag
W/"f516b56331b768d422d2a0afb2304512"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, max-age=300
accept-ranges
bytes
timing-allow-origin
*
linkedin.svg
res.cloudinary.com/dvbdysuf5/image/upload/v1581436881/CMG_Web_Resources/Navigation_Images/ 		703 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/v1581436881/CMG_Web_Resources/Navigation_Images/linkedin.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
0d0210ffc59c6b17cac9e8649d90ec2deb653fb06b3d69d1515b03977ffea5e1
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="linkedin.svg"
server-timing
fastly;dur=1;cpu=0;start=2022-01-26T03:44:39.888Z;desc=hit,rtt;dur=7
vary
Accept-Encoding
content-length
397
last-modified
Tue, 11 Feb 2020 16:01:21 GMT
server
Cloudinary
etag
W/"2af2597ed4aa1cbf53886d1bfe9c98e5"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, max-age=300
accept-ranges
bytes
timing-allow-origin
*
instagram.png
res.cloudinary.com/dvbdysuf5/image/upload/v1581436881/CMG_Web_Resources/Navigation_Images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/v1581436881/CMG_Web_Resources/Navigation_Images/instagram.png
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
65765b24e95c694e746a6350dd8b43c7118b008ff94ec64c66c20ddc25512d71
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Jan 2021 20:47:27 GMT
server
Cloudinary
etag
"a7afb49597ff92b1282266a273d28a3e"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
server-timing
fastly;dur=1;cpu=0;start=2022-01-26T03:44:39.889Z;desc=hit,rtt;dur=7
accept-ranges
bytes
timing-allow-origin
*
content-length
2383
house-logo.svg
res.cloudinary.com/dvbdysuf5/image/upload/v1581436881/CMG_Web_Resources/Navigation_Images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/v1581436881/CMG_Web_Resources/Navigation_Images/house-logo.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
d4a233f35ce5d1db7781143dc170e92fb18651deefe7dbd77159b38a57d07b4f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="house-logo.svg"
server-timing
fastly;dur=1;cpu=0;start=2022-01-26T03:44:39.889Z;desc=hit,rtt;dur=7
vary
Accept-Encoding
content-length
1470
last-modified
Tue, 11 Feb 2020 16:01:20 GMT
server
Cloudinary
etag
W/"be8b4e672d0e4545c87c990520e29971"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, max-age=300
accept-ranges
bytes
timing-allow-origin
*
main.bundle.js
www.cmgfi.com/ 		2 MB
978 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cmgfi.com/main.bundle.js?v=HTq9cy0HDyngO04EMKJBend3UxMxx56Py4NbpyDRHFU
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.26.129.154 , United States, ASN36714 (CMG-MORTGAGE, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1d3abd732d070f29e03b4e0430a2417a7777531331c79e8fcb835ba720d11c55
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/mysite/bill-heon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-encoding
gzip
etag
"1d81142a4c990af"
last-modified
Mon, 24 Jan 2022 16:51:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=604800
date
Wed, 26 Jan 2022 03:44:27 GMT
accept-ranges
bytes
request-context
appId=cid-v1:a35dfa4d-9dec-421f-85a1-53a2c6f1a96b
01592239096
ixfd-api.bc0a.com/api/ixf/1.0.0/get_capsule/f00000000155617/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ixfd-api.bc0a.com/api/ixf/1.0.0/get_capsule/f00000000155617/01592239096?client=js_sdk&client_version=1.4.5&orig_url=https%3A%2F%2Fwww.cmgfi.com%2Fmysite%2Fbill-heon&base_url=https%3A%2F%2Fwww.cmgfi.com%2Fmysite%2Fbill-heon&user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36
Requested by
Host: cdn.bc0a.com
URL: https://cdn.bc0a.com/autopilot/f00000000155617/autopilot_sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.179 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.153.244.35.bc.googleusercontent.com
Software
bws/1.0 /
Resource Hash
36c1b023fd21b0fd63e3452cb239632417a50e45729fe01c2389ebfbc3c65330

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-be-pop
BRU-1-301
date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
br
server
bws/1.0
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
conv_v3.js
cdn.b0e8.com/ 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.b0e8.com/conv_v3.js
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.5.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.5.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
afdd29778a35ecf1638fc1c8bee1d4f7843d437d01b5db08cdf364da6b0edeaf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:38:20 GMT
content-encoding
gzip
age
379
x-guploader-uploadid
ADPycdsvbPuR2ZMz8Bts0PQx2rDWa65IkKSyTh8kQk_UCeuTEvHoWvHW6kdVcGhx0iov0fuBBe6iDnECLOKJaqJzqBY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
21570
last-modified
Fri, 07 Aug 2020 06:51:36 GMT
server
UploadServer
etag
"befb3eb28cd6dd99609966faf9c239e0"
vary
Accept-Encoding
x-goog-hash
crc32c=kqf0jw==, md5=vvs+sozW3ZlgmWb6+cI54A==
content-language
en
access-control-allow-origin
*
x-goog-generation
1596783096708452
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
21570
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 26 Jan 2022 04:38:20 GMT
css
fonts.googleapis.com/ 		1 KB
481 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Kadwa:400,700&display=swap
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/main.css?v=a0BxbtWsowQlZZvMewIczqXdltcm-bwfvhcmnYjzbk0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7c8c2059031bc79bc79a7cb145f0c9ecf35a8a7496d2c3575892b20e6bfb2277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 03:44:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 26 Jan 2022 03:44:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Jan 2022 03:44:39 GMT
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800&display=swap
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/main.css?v=a0BxbtWsowQlZZvMewIczqXdltcm-bwfvhcmnYjzbk0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f1bbb8127b5d5b33dae60b322733f311a584debdeb9334d7b9c4a59ff7bc6a3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 02:30:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 26 Jan 2022 03:44:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Jan 2022 03:44:39 GMT
css
fonts.googleapis.com/ 		2 KB
587 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300&display=swap
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/main.css?v=a0BxbtWsowQlZZvMewIczqXdltcm-bwfvhcmnYjzbk0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc949f62ed362bf2794d32ba1e75b9804f9b49b99c6d55fdfcb56b3b31b5170d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 03:44:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 26 Jan 2022 03:44:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Jan 2022 03:44:39 GMT
css2
fonts.googleapis.com/ 		3 KB
709 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300&display=swap
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/main.css?v=a0BxbtWsowQlZZvMewIczqXdltcm-bwfvhcmnYjzbk0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba73d9e5a1b9e4cd7c92f860ee9f2484bca86143d07483a65c6a783d3b741f51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 02:27:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 26 Jan 2022 03:44:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Jan 2022 03:44:39 GMT
all.css
use.fontawesome.com/releases/v5.0.9/css/ 		36 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.9/css/all.css
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/CMG.css?v=-yeWQpk2eUoZemwOJkQHqyEUpuebawRMJh_vYgXQv70
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f65921afd556d3e8917b214d5324c6d62849a9f0608c53556f3792a6ce9d36

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
64678
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
TRQC2ZJJ6NAS8229
x-amz-id-2
7RYa6PQDusVlnlEfNCLwPjIaUTT/HK4bZSxZCF5zIkV/SRp0e2Em+80XT2OvQuTdHw+0mWndgJw=
last-modified
Wed, 30 Jun 2021 15:28:17 GMT
server
cloudflare
etag
W/"bee5a66d62a031345fd944787f05f538"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IyvatkkrK10kjCfdcAbmA%2BT8p3xuapIKPJnNvBAsmwuuSADKyT%2FSjpsBrLhdRD6Hn0bWLrH9yYZKVZZ9Mr3KdbmMhqJR4mJHUyR55FG5LmBkK0Orn%2F8f1PO%2BBT%2FUnX3Te6j1cakZPc%2B1AwYMAKvU9wHW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6d36be788858921d-FRA
css
fonts.googleapis.com/ 		2 KB
603 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito&display=swap
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/CMG.css?v=-yeWQpk2eUoZemwOJkQHqyEUpuebawRMJh_vYgXQv70
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f316c385db5dc9485867159f3675877f94568fab92b43955fbd0f64f4555b89c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 02:07:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 26 Jan 2022 03:44:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Jan 2022 03:44:39 GMT
gtm.js
www.googletagmanager.com/ 		219 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TXMDZ33
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
98c893be0d7a4021faab7789204f81e54fc3268ac369bfea216b846706fc9590
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:40 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69911
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Jan 2022 03:44:40 GMT
engage
cmgfinancial.us-4.evergage.com/api2/event/ 		137 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmgfinancial.us-4.evergage.com/api2/event/engage?event=eyJhY3Rpb24iOiJNeVNpdGUiLCJpdGVtQWN0aW9uIjpudWxsLCJzb3VyY2UiOnsicGFnZVR5cGUiOiJteXNpdGUiLCJjb250ZW50Wm9uZXMiOltdLCJ1cmwiOiJodHRwczovL3d3dy5jbWdmaS5jb20vbXlzaXRlL2JpbGwtaGVvbiIsInVybFJlZmVycmVyIjoiIiwiY2hhbm5lbCI6IldlYiIsImNvbmZpZ1ZlcnNpb24iOiI3IiwiYmVhY29uVmVyc2lvbiI6MTZ9LCJmbGFncyI6eyJwYWdlVmlldyI6dHJ1ZX0sInVzZXIiOnsiYXR0cmlidXRlcyI6eyJsb015U2l0ZSI6ImJpbGwtaGVvbiJ9LCJhbm9uSWQiOiI2MWZjZGY1ZDE1OGYzMmIwIn0sInBlcmZvcm1hbmNlIjp7InNka1BhcnNlVGltZSI6Mywic2RrTG9hZFRpbWUiOjEyNSwic2RrRG5zVGltZSI6Nn0sImRlYnVnIjp7ImV4cGxhbmF0aW9ucyI6dHJ1ZX0sImNhdGFsb2ciOnt9LCJhY2NvdW50Ijp7fSwiX3Rvb2xzRXZlbnRMaW5rSWQiOiI4MDM2MzYxNjEzNTA2MjE4In0%3D
Requested by
Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/cmgfinancial/engage/scripts/evergage.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.155.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-155-233.us-west-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
a36f2a2cabf2cdb3c2a6badb11a845320763cda33037a59542df006f93a23b1e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.cmgfi.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache-Coyote/1.1
vary
accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cmgfi.com
access-control-allow-credentials
true
timing-allow-origin
*
NCk530ZZ
cmgfinancial.typeform.com/to/ Frame 18A7 		112 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cmgfinancial.typeform.com/to/NCk530ZZ
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / 6043-3.292.0
Resource Hash
cdb8a1a5a48ebd996be48e0ea688de87d8fba555e97988105ba3191cd601b2f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/

Response headers

date
Wed, 26 Jan 2022 03:44:40 GMT
content-type
text/html; charset=utf-8
age
66763
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-security-policy-report-only
report-uri https://endpoint2.collection.us2.sumologic.com/receiver/v1/http/ZaVnC4dhaV13syWPqbJn9XwMGe4caaop-n9urcHvJLaMJIs-ysikqC26ja3rzeMNHUqlhJ6Jj32snr_AmKUAt2hrNPOgIYRfr_GPi-UndDkRUPtIQ-yZfA== ; default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' ; frame-ancestors http://localhost:* capacitor: ionic: https: ;
pragma
no-cache
vary
Accept-Encoding
x-cache
HIT
x-cache-lookup
HIT
x-envoy-upstream-service-time
1
x-powered-by
6043-3.292.0
x-varnish
240195264 228900007
access-control-allow-methods
GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-allow-headers
X-Typeform-Key, Content-Type, Authorization, Typeform-Version
access-control-expose-headers
Location, X-Request-Id
strict-transport-security
max-age=31536000; includeSubDomains
x-newp
Yes
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iiw7nftzsBSErWHDEkbinYyIfvGGXY0ml8z6xeVOCuVuIkon4QgIO%2FsvPDrrvme3C5pe2vxXEnBNLTNpPBJ1e%2B5BUktVHz4aZW5AFtmHpjyV1iim%2BRN7fhK5SBTqkEGHoc8ZO4GsH73%2BTAw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d36be79381a5b98-FRA
content-encoding
gzip
tt-testimonial.svg
cloud.cmgfi.com/dvbdysuf5/image/upload/CMG_Web_Resources/TVideos_Images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.cmgfi.com/dvbdysuf5/image/upload/CMG_Web_Resources/TVideos_Images/tt-testimonial.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/CMG.css?v=-yeWQpk2eUoZemwOJkQHqyEUpuebawRMJh_vYgXQv70
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:785::2a03 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
f2b23e3c4fadd7fb6548cdb7bc792730592c6b9ae2a32da972fab2223fb91bb2
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="tt-testimonial.svg"
server-timing
akam;dur=7;start=2022-01-26T03:44:39.852Z;desc=miss,rtt;dur=6,cloudinary;dur=160;start=2022-01-22T11:33:50.300Z
content-length
1477
last-modified
Tue, 12 Oct 2021 18:00:45 GMT
server
Cloudinary
etag
W/"4e8c7c5b175aa5c9fa5b9fe8052b8742"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
cmg-app-bg-d.png
res.cloudinary.com/dvbdysuf5/image/upload/q_auto,f_auto/CMG_Web_Resources/Home_Images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/q_auto,f_auto/CMG_Web_Resources/Home_Images/cmg-app-bg-d.png
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
9a90cfb785eb50f1cb3332c7726a57c6cb20f1bc68d21dbbb4d6ce11f048ba5e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="cmg-app-bg-d.webp"
server-timing
fastly;dur=1;cpu=0;start=2022-01-26T03:44:39.900Z;desc=hit,rtt;dur=7
vary
Save-Data
content-length
20282
last-modified
Wed, 05 Feb 2020 17:24:00 GMT
server
Cloudinary
etag
"647e5f3697a168b2ffc6eac8d0a64a09"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cmgfi.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 00:14:34 GMT
x-content-type-options
nosniff
age
12605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 00:14:34 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.9/webfonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.9/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.9/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f7874f8336b47e49d9719c38cea16cdea6362962f5001db3f2d0bb47332357

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.9/css/all.css
Origin
https://www.cmgfi.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:40 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
YRG5FEB3BX9JRNG7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44004
x-amz-id-2
c5D074CZSdjaz9g1Gbl4VVu25pl18Djpa+ZP9+DFbVDDTfL7TW3gvEwl4Q36RaPNYFMPnWs3xdw=
last-modified
Wed, 30 Jun 2021 15:28:31 GMT
server
cloudflare
etag
"9f3c8f805668d4182d2173b660a7a21e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtltGRrONt7nzZfaCfqbztAWWyZj7p2UwIDUnOSXzHuyHA6tNNYALl4tjMnOTk9Cb0dM72ggO9oCX6u5bYzrAKQy%2FRwdGDwtrNH3jzKwwSg5gzmtwdn4U1DBNA26%2F33QSypXFqJPiJ6rWwnPKpPCq26t"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6d36be791cee9174-FRA
rnCr-x5V0g7ipix7atM5kng.woff2
fonts.gstatic.com/s/kadwa/v8/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kadwa/v8/rnCr-x5V0g7ipix7atM5kng.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kadwa:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47f19cec8be1973ec77799539c2074cf54fdf585dce070993781cad3d4c0f40f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cmgfi.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 19:46:38 GMT
x-content-type-options
nosniff
age
460681
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19244
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:07:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 20 Jan 2023 19:46:38 GMT
rnCm-x5V0g7ipiTAT8Y.woff2
fonts.gstatic.com/s/kadwa/v8/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kadwa/v8/rnCm-x5V0g7ipiTAT8Y.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kadwa:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54ccb99ccfbd9a740970f3074087a4d83ed85d5413c8ed623f738cc7b2e28ccd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cmgfi.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 12:03:16 GMT
x-content-type-options
nosniff
age
488483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19196
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:07:15 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 20 Jan 2023 12:03:16 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac74d7d0323d238309ee0a321935a57cbad893de6ae27e4b568f444531466e5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cmgfi.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 22:41:29 GMT
x-content-type-options
nosniff
age
450190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16700
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 20 Jan 2023 22:41:29 GMT
Mobile_Features_wo_Search_v2.webm
res.cloudinary.com/dvbdysuf5/video/upload/v1581019380/CMG_Web_Resources/Home_Images/ 		455 KB
456 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://res.cloudinary.com/dvbdysuf5/video/upload/v1581019380/CMG_Web_Resources/Home_Images/Mobile_Features_wo_Search_v2.webm
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
3d66c07c2f0a3ac62d60b03bbd9d3c8ad2d3329e58118000aedc8fe851cc37be
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cmgfi.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
x-content-type-options
nosniff
last-modified
Fri, 14 Feb 2020 22:02:10 GMT
server
Cloudinary
access-control-allow-origin
*
etag
"e50e112a1d88a2ed9a602afc0bf2e139"
strict-transport-security
max-age=604800
content-type
video/webm
Content-Range
bytes 0-466177/466178
access-control-expose-headers
Content-Length,Content-Range,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
server-timing
fastly;dur=2;cpu=1;start=2022-01-26T03:44:39.945Z;desc=hit,rtt;dur=33
accept-ranges
bytes
timing-allow-origin
*
Content-Length
466178
sprite.svg
www.cmgfi.com/img/ 		29 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cmgfi.com/img/sprite.svg
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/main.bundle.js?v=HTq9cy0HDyngO04EMKJBend3UxMxx56Py4NbpyDRHFU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.26.129.154 , United States, ASN36714 (CMG-MORTGAGE, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2643d41961fbdcd13f0b268c44d86be1a36dc99d76b554aad2f55bfe796b3009
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/mysite/bill-heon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
etag
"1d81142a4ed9cc2"
last-modified
Mon, 24 Jan 2022 16:51:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/svg+xml
cache-control
public,max-age=604800
date
Wed, 26 Jan 2022 03:44:27 GMT
accept-ranges
bytes
content-length
29634
request-context
appId=cid-v1:a35dfa4d-9dec-421f-85a1-53a2c6f1a96b
app.js
acsbapp.com/apps/app/dist/js/
Redirect Chain
  • https://acsbap.com/apps/app/assets/js/acsb.js
  • https://acsbapp.com/apps/app/assets/js/acsb.js
  • https://acsbapp.com/apps/app/dist/js/app.js
423 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acsbapp.com/apps/app/dist/js/app.js
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Server
161.35.15.77 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
cdn101.acsbapp.com
Software
/
Resource Hash
5ff1f48762983a74ab221de9e3d761ff6a64788c4b3034a6940510a67c3ad8c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:40 GMT
content-encoding
br
last-modified
Wed, 29 Dec 2021 22:49:19 GMT
etag
"69df1-61cce5ef-2ece39a4ca7614e4;br"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
141410
expires
Thu, 27 Jan 2022 03:44:40 GMT

Redirect headers

location
https://acsbapp.com/apps/app/dist/js/app.js
date
Wed, 26 Jan 2022 03:44:40 GMT
content-length
707
content-type
text/html
mysite-hero-retail.png
res.cloudinary.com/dvbdysuf5/image/upload/v1581364141/CMG_Web_Resources/MySite_Images/ 		225 KB
226 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dvbdysuf5/image/upload/v1581364141/CMG_Web_Resources/MySite_Images/mysite-hero-retail.png
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
92954c4e5e64aa359abcdc926a0209145645309e82006d5b7bb0bf177e01678a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:40 GMT
x-content-type-options
nosniff
last-modified
Mon, 10 Feb 2020 19:49:02 GMT
server
Cloudinary
etag
"44024f94d377022b9a80d9224eb9ea44"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
server-timing
fastly;dur=1;cpu=0;start=2022-01-26T03:44:40.381Z;desc=hit,rtt;dur=27
accept-ranges
bytes
timing-allow-origin
*
content-length
230550
brightedge3.php
a.b0e8.com/ 		35 B
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.b0e8.com/brightedge3.php?id=f00000000155617&p_id=NJPA2424RP64R68AAJRLR4NNRAAAAAAAAH&bf=9a146a6dd5b92bb6e2686efa069789be&url=https%3A//www.cmgfi.com/mysite/bill-heon&ref=&bn=1&bv=3.43&title=Bill%20Heon%27s%20MySite%20%7C%20CMG%20Financial&metadesc=Bill%20Heon%20is%20an%20experienced%20mortgage%20lender%20located%20in%20Coronado%2C%20CA%20that%20specializes%20in%20all%20new%20purchase%20and%20refinance%20needs.&metakeywords=&s_id=NJPA2424RP64RNL488NLR4NNRAAAAAAAAH
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.105.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
148.105.95.34.bc.googleusercontent.com
Software
bws/1.0 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-be-pop
BRU-1-301
date
Wed, 26 Jan 2022 03:44:35 GMT
via
1.1 google
last-modified
Wed, 23 Jun 2021 22:46:15 GMT
server
bws/1.0
etag
"60d3b9b7-23"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXMDZ33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400f:802::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
689
date
Wed, 26 Jan 2022 03:33:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 26 Jan 2022 05:33:11 GMT
roundtrip.js
s.adroll.com/j/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXMDZ33
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:4200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d62a3b924d49cc3909d8c7e7d66c6fda8780c357fae0f927993f424928401b20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id
TrxFtQaM8s37m_Nm4h1GkMAOXYF47jUQ
Content-Encoding
gzip
Etag
W/"b8caabe626e64605e61edd5174246bf4"
Age
1243
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
Last-Modified
Fri, 14 Jan 2022 00:11:04 GMT
Server
AmazonS3
Date
Wed, 26 Jan 2022 03:24:00 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA60-P4
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
_lwKWXz0h5PvvzrbZlmvbymiZqd7_-BMZOB8mp3haLty_-oGEsu4qw==
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXMDZ33
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7d1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 26 Jan 2022 03:44:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 19:17:49 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=73056
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
bat.js
bat.bing.com/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXMDZ33
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:39 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0632C906DE014697AF42F7AECD23C646 Ref B: FRAEDGE1216 Ref C: 2022-01-26T03:44:40Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10468
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26237
x-xss-protection
0
pragma
public
x-fb-debug
g2k5xkQHBCjZto4EMiUNzgSuuKYoUK+6s+d1zKM27fTktiJCvVoVv0XBXTwgiwUgBjzmPOe+B/nwYg//qfP6Rg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 26 Jan 2022 03:44:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pr
cmgfinancial.us-4.evergage.com/ 		0
461 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cmgfinancial.us-4.evergage.com/pr?.top=610&action=MySite&.tt=559&.ttdns=30&.dt=2041&.bv=16&_ak=cmgfinancial&_ds=engage&.scv=7&channel=Web&_r=823256&.anonId=61fcdf5d158f32b0&_anon=true
Requested by
Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/cmgfinancial/engage/scripts/evergage.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.155.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-155-233.us-west-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cmgfi.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.cmgfi.com
date
Wed, 26 Jan 2022 03:44:40 GMT
x-content-type-options
nosniff
server
Apache-Coyote/1.1
timing-allow-origin
*
large
images.typeform.com/images/d4hcGHjRPa/background/ Frame 18A7 		224 KB
224 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.typeform.com/images/d4hcGHjRPa/background/large
Requested by
Host: cmgfinancial.typeform.com
URL: https://cmgfinancial.typeform.com/to/NCk530ZZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1000:8:2495:5540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b33f0324e67745a790358e65206e56b5a0eb15c1fc51b8febf7f81fe6140c8f3
Security Headers
Name Value
Content-Security-Policy script-src 'self'

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmgfinancial.typeform.com/to/NCk530ZZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 16:09:09 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront), 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
age
41731
x-amzn-requestid
a38d4fb7-c61a-4f6e-9674-d63711ca982c
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-amzn-trace-id
Root=1-61f020a4-5c1178783c36d2fc1da0c65e;Sampled=0
content-security-policy
script-src 'self'
x-amz-cf-pop
FRA56-P5, FRA56-P5
x-amz-apigw-id
MgoJyGHxoAMFZYQ=
content-length
229071
x-amz-cf-id
wQZw-oZTyENFHvp9utvk7ETBxYGvny-mQsvx4khu-kwuWgEaV1GoyQ==
api.js
cmgfinancial.typeform.com/cdn-cgi/bm/cv/669835187/ Frame 18A7 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmgfinancial.typeform.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: cmgfinancial.typeform.com
URL: https://cmgfinancial.typeform.com/to/NCk530ZZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmgfinancial.typeform.com/to/NCk530ZZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfktRlT0yXEHhIzC5nuWd%2BYPBX%2B7hjGF6YjwOV0z36XI3zJXQE2C8IIyd4WU8oiu7TCZ1n9EUricgR8QejGqfCggwGMtsFbsvDWIvcphuhDLOVHBUzBC9pau5aYniDdajato2DPKG7w%2F1mc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
6d36be7caacf5b98-FRA
modern-renderer.626947b10d6866af8326.js
renderer-assets.typeform.com/ Frame 18A7 		498 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renderer-assets.typeform.com/modern-renderer.626947b10d6866af8326.js
Requested by
Host: cmgfinancial.typeform.com
URL: https://cmgfinancial.typeform.com/to/NCk530ZZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5e00:4:f6ce:61c0:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8341357f362e1c19b530b1ebffa2402e6da7a885af28d7dfd4be7e226a467b99

Request headers

Referer
https://cmgfinancial.typeform.com/to/NCk530ZZ
Origin
https://cmgfinancial.typeform.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 01:13:47 GMT
content-encoding
gzip
vary
Access-Control-Request-Headers,Access-Control-Request-Method
age
14908
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 09:50:07 GMT
server
AmazonS3
etag
W/"e715a37c9b1997d69316a7cabedac890"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
cache-control
max-age=2419200
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
XWY34iHt9wdtsSj0pk899J69j4bR0ZqFM7SN8pH8el_vGUSKghkx_A==
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/4JCDOKYQ2JA2VLPT22OD2P/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
762 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
HTTP/1.1
Server
2600:9000:225e:4200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id
VxC0v7SN4NsT_sJxZYoy27yA4ALlRfhC
Via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
Etag
"5816cced8568d223aa09d889f300692b"
Age
74835
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Mon, 18 Oct 2021 21:07:54 GMT
Server
AmazonS3
Date
Tue, 25 Jan 2022 06:57:26 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA60-P4
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
msWL9kpVs0tKIl17pFJ3U3zgNrxomE4Bxz0j9ZlNQX3kt5hXNJy3UA==

Redirect headers

Date
Tue, 25 Jan 2022 15:27:07 GMT
Via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
Age
44252
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA60-P4
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
D81z0zh0gkYTC2dsUWlmmpHL9ezZxmni5W-9QYiWIziyCSG3izl7YA==
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/4JCDOKYQ2JA2VLPT22OD2P/4U6Z4KCABJH43A5A4ZXS3C/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
732 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
HTTP/1.1
Server
2600:9000:225e:4200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Age
7073
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Date
Wed, 26 Jan 2022 01:46:48 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA60-P4
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
VJYWAbUneuQ0TZHsdjRG1ny719g2VPHdYe_TbQs7SovZCsLqmVjf3A==

Redirect headers

Date
Tue, 25 Jan 2022 15:27:07 GMT
Via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
Age
44252
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA60-P4
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
DdZkn94SVRinSwZW1i3tROr3Qrek2a1QL3OZkZUghKTZo37gFkBthg==
index.js
s.adroll.com/j/pre/4JCDOKYQ2JA2VLPT22OD2P/4U6Z4KCABJH43A5A4ZXS3C/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/4JCDOKYQ2JA2VLPT22OD2P/4U6Z4KCABJH43A5A4ZXS3C/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:4200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id
rVSAF5dVNlxR7J9zsAZ7S7_Q8mPltOBX
Content-Encoding
gzip
Etag
W/"33ed216ef4569e95a97e55fb39d91d38"
Age
3092
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
Last-Modified
Sun, 23 Jan 2022 13:29:07 GMT
Server
AmazonS3
Date
Wed, 26 Jan 2022 02:53:08 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA60-P4
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
LQa5kQI36bH5i7wOOJwT_bp-K1OtRNf9IYxML6AkpMg2kW72VTKlsA==
337428276997060
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/337428276997060?v=2.9.51&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fa34bd001d646e632ff9501f8539eb582fb3ac2099b6c614f24bfaa993091877
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
HWN+njWjbcVQK1MPHcDkF3ESiGr6tr7reY9G8/L2zUsYIEXJQjQN+D6RBkBSIpBgvtuTtwDTaYawYLud7lIbjA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 26 Jan 2022 03:44:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
17490267.js
bat.bing.com/p/action/ 		0
93 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/17490267.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 26 Jan 2022 03:44:39 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AB875ADE30AC411394485AFBD017C876 Ref B: FRAEDGE1216 Ref C: 2022-01-26T03:44:40Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=17490267&tm=gtm002&Ver=2&mid=8910bb80-443a-4734-8591-c1021261a469&sid=4a9396207e5a11ec8117ad85fdc1a16e&vid=4a93e5807e5a11ecadb1c1ab876d7f32&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Bill%20Heon%27s%20MySite%20%7C%20CMG%20Financial&p=https%3A%2F%2Fwww.cmgfi.com%2Fmysite%2Fbill-heon&r=&lt=2041&evt=pageLoad&msclkid=N&sv=1&rn=457265
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 03:44:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 49C4C31003E74A90A5F2F9CE2ACA6B5F Ref B: FRAEDGE1216 Ref C: 2022-01-26T03:44:40Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
result
cmgfinancial.typeform.com/cdn-cgi/bm/cv/ Frame 18A7 		0
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmgfinancial.typeform.com/cdn-cgi/bm/cv/result?req_id=6d36be79381a5b98
Requested by
Host: cmgfinancial.typeform.com
URL: https://cmgfinancial.typeform.com/cdn-cgi/bm/cv/669835187/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://cmgfinancial.typeform.com/to/NCk530ZZ
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 26 Jan 2022 03:44:40 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HvSBi%2BYiVmi2a3t4j67xCu1J1iL8HKOGT1EF9hbSrOfmGezcnhkKshXqtTuIrWzTRwO9wZu0PDybiTetaJ%2F7tm2TEG57VROSRECZIWxJhpH6mCPpxCnrTZyi4UQhXGa9zRhdoFQ6yNkTNA%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
6d36be7d4b3d5b98-FRA
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2111739981&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cmgfi.com%2Fmysite%2Fbill-heon&ul=en-us&de=UTF-8&dt=Bill%20Heon%27s%20MySite%20%7C%20CMG%20Financial&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=2026310471&gjid=1455106475&cid=294471505.1643168681&tid=UA-73683534-1&_gid=1252670828.1643168681&_r=1&gtm=2wg1o0TXMDZ33&cd2=edcac287-c925-40e4-9023-015c491b4ab7&cd3=2022-01-26%2003%3A44%3A40&cd5=bill-heon&cd6=mysite&z=1791877945
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400f:802::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cmgfi.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 03:44:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cmgfi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
4JCDOKYQ2JA2VLPT22OD2P
d.adroll.com/consent/check/ 		386 B
479 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/4JCDOKYQ2JA2VLPT22OD2P?arrfrr=https%3A%2F%2Fwww.cmgfi.com%2Fmysite%2Fbill-heon&_s=46699ece3122d1c0f04b74a7121e4edc&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.17.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-17-128.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
f0e36e9b6384ca9f69780b7d2623bd9a181243ef2193fa5c6e3932365673066a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:40 GMT
server
nginx/1.20.0
content-length
386
content-type
application/javascript
modern-vendors~attachment~form.4b01d7c0f31fbef943a3.js
renderer-assets.typeform.com/ Frame 18A7 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renderer-assets.typeform.com/modern-vendors~attachment~form.4b01d7c0f31fbef943a3.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.626947b10d6866af8326.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5e00:4:f6ce:61c0:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5da692a7a24a6b186411cbce9fbb415e7809b44cf4a35c9859923db2cde73acf

Request headers

Referer
https://cmgfinancial.typeform.com/to/NCk530ZZ
Origin
https://cmgfinancial.typeform.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 01:12:45 GMT
content-encoding
gzip
vary
Access-Control-Request-Headers,Access-Control-Request-Method
age
44699
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 24 Jan 2022 13:25:34 GMT
server
AmazonS3
etag
W/"a421025c1cf6b3f3ef8272b60c95d130"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
cache-control
max-age=2419200
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
fan6tVwv4eLrVNJuWcVsAZqLlJUGsUk1yOLvPklcHE9rbbK8ms1WHA==
modern-vendors~form.010d778057fd1a2fb352.js
renderer-assets.typeform.com/ Frame 18A7 		420 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renderer-assets.typeform.com/modern-vendors~form.010d778057fd1a2fb352.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.626947b10d6866af8326.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5e00:4:f6ce:61c0:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8293435ba6508dfe80b3a3ef7fabafc5f79eaa72d73769ca9ed5ccac02dbc0a0

Request headers

Referer
https://cmgfinancial.typeform.com/to/NCk530ZZ
Origin
https://cmgfinancial.typeform.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 01:12:45 GMT
content-encoding
gzip
vary
Access-Control-Request-Headers,Access-Control-Request-Method
age
44699
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 24 Jan 2022 13:25:34 GMT
server
AmazonS3
etag
W/"81d0904deb0d9db067b1626f1ac46cda"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
cache-control
max-age=2419200
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
eyXH90nq-A1YuWLYCNj8a9Lqo_rCKsHFCxDRKWr1SM_8ax7uHFLdMw==
modern-form.2385de4a18c043c906db.js
renderer-assets.typeform.com/ Frame 18A7 		201 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renderer-assets.typeform.com/modern-form.2385de4a18c043c906db.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.626947b10d6866af8326.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5e00:4:f6ce:61c0:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3edbcdee58bffdc010c03a5d912137907cbb004e57b9472fbe546eda8a71259b

Request headers

Referer
https://cmgfinancial.typeform.com/to/NCk530ZZ
Origin
https://cmgfinancial.typeform.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 01:12:45 GMT
content-encoding
gzip
vary
Access-Control-Request-Headers,Access-Control-Request-Method
age
62116
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 09:50:07 GMT
server
AmazonS3
etag
W/"e01e7ab33638570217b84fca2ebc0111"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
cache-control
max-age=2419200
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
bXpm9g3SefXLDFF2qhcEaEQSLveCEzMQ8IiAKoMUTufar_yAVB0Tmw==
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-73683534-1&cid=294471505.1643168681&jid=2026310471&gjid=1455106475&_gid=1252670828.1643168681&_u=YGBACEAABAAAAC~&z=82895189
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cmgfi.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 26 Jan 2022 03:44:40 GMT
content-type
text/plain
access-control-allow-origin
https://www.cmgfi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/ Frame 18A7 		349 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-vendors~form.010d778057fd1a2fb352.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-110-125.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c06123162966e3e707e462ce54da89f7e8dfd956192c925801e2aee1f31ef4ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cmgfinancial.typeform.com/to/NCk530ZZ?typeform-source=www.cmgfi.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
1g5pFCAi.Z8MxJR1w2ZfmH19DYyMCn7S
content-encoding
br
etag
W/"c9051d25ae8192f386c2f09d44d4d620"
age
19
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Wed, 05 Jan 2022 18:24:42 GMT
server
AmazonS3
date
Wed, 26 Jan 2022 03:44:23 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
H7zno5zGCnPyPixtFUefztboxKxcHrWQ-lfROXjd0DjyTH2eZzB94g==
view-form-open
cmgfinancial.typeform.com/forms/NCk530ZZ/insights/events/ Frame 18A7 		2 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmgfinancial.typeform.com/forms/NCk530ZZ/insights/events/view-form-open
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-vendors~form.010d778057fd1a2fb352.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://cmgfinancial.typeform.com/to/NCk530ZZ?typeform-source=www.cmgfi.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 26 Jan 2022 03:44:41 GMT
access-control-allow-methods
GET, OPTIONS, POST, PUT, PATCH, DELETE
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-release
1728537518
x-envoy-upstream-service-time
10
content-length
2
x-build-date
2022-01-21T12:00:22+0000
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NluUi2i6IlFZwpQUYyqNf5r%2Fgovott%2FHo6CjZI9u62gTJgGu0nWQDwNqfGCI7Wn0UASt3B2lMLvGLRRezxPAbTv8ZM2f7ZCTnAdfUqvaAzk5MLzpET2dMtImxrv2HBIILIsu5P%2BaLedar30%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cmgfinancial.typeform.com
x-newp
Yes
access-control-expose-headers
Location, X-Request-Id
x-service
insights-2.0
x-commit-sha
f1207169440cf27374a63118dd1c9fc3529305dc
cf-ray
6d36be7e5c385b98-FRA
access-control-allow-headers
X-Typeform-Key, Content-Type, Authorization, Typeform-Version
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-73683534-1&cid=294471505.1643168681&jid=2026310471&_u=YGBACEAABAAAAC~&z=2085431643
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 03:44:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-73683534-1&cid=294471505.1643168681&jid=2026310471&_u=YGBACEAABAAAAC~&z=2085431643
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 03:44:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
consent_tcfv2.js
s.adroll.com/j/ 		391 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/consent_tcfv2.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:4200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ca95c128ac8182e275c27d7d2c79e496468b000c84f1760427bda48e6c76ea5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id
NUNn6FITSuYhdE6o4FnWYSf0oL.peI4s
Content-Encoding
gzip
Etag
W/"1af244f5a65f1d15e18b6804e4d65960"
Age
263
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
Last-Modified
Mon, 20 Dec 2021 18:54:25 GMT
Server
AmazonS3
Date
Wed, 26 Jan 2022 03:41:14 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA60-P4
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
aDCZL6zMs7niyaJbf3dzXXx0tnyVKMSyUUi61y2CNi8_O_Etk6qNLw==
461580521826844
connect.facebook.net/signals/config/ 		308 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/461580521826844?v=2.9.51&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83532c056d6f0e4e04389942237d8228fefd2b552e0513f5f4c9406bc8131ac1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
/aWAmGO29ZiT5kZSmlNTTQ8QW3u/crZM5ubXuTu08ITafQD65ZDfHsJsRUk7gNK3hssyjmOpz9u3vmRHI9yTDg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 26 Jan 2022 03:44:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=337428276997060&ev=PageView&dl=https%3A%2F%2Fwww.cmgfi.com%2Fmysite%2Fbill-heon&rl=&if=false&ts=1643168680774&sw=1600&sh=1200&v=2.9.51&r=stable&ec=0&o=30&fbp=fb.1.1643168680773.709540629&it=1643168680460&coo=false&exp=p1&rqm=GET
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 26 Jan 2022 03:44:40 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1333642&time=1643168680784&url=https%3A%2F%2Fwww.cmgfi.com%2Fmysite%2Fbill-heon
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1333642%26time%3D1643168680784%26url%3Dhttps%253A%252F%252Fwww.cmgfi.com%252Fmysi...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1333642&time=1643168680784&url=https%3A%2F%2Fwww.cmgfi.com%2Fmysite%2Fbill-heon&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1333642&time=1643168680784&url=https%3A%2F%2Fwww.cmgfi.com%2Fmysite%2Fbill-heon&liSync=true&e_ipv6=AQIxV2K6ijM8BgAAAX6UfEypkOCiCNoYigpxlAAIbT7YkS...
0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1333642&time=1643168680784&url=https%3A%2F%2Fwww.cmgfi.com%2Fmysite%2Fbill-heon&liSync=true&e_ipv6=AQIxV2K6ijM8BgAAAX6UfEypkOCiCNoYigpxlAAIbT7YkS2K2nXBL6eZW8CnABUbBjNSwpiO
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H2
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:41 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
x-li-proto
http/2
x-li-pop
prod-lva1
content-type
application/javascript
content-length
0
x-li-uuid
wsH+uTW1zRZQqRLjRCsAAA==

Redirect headers

date
Wed, 26 Jan 2022 03:44:41 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 0E7878ECCEE4479BBCA14C0137F06B05 Ref B: FRAEDGE1512 Ref C: 2022-01-26T03:44:41Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1333642&time=1643168680784&url=https%3A%2F%2Fwww.cmgfi.com%2Fmysite%2Fbill-heon&liSync=true&e_ipv6=AQIxV2K6ijM8BgAAAX6UfEypkOCiCNoYigpxlAAIbT7YkS2K2nXBL6eZW8CnABUbBjNSwpiO
x-li-proto
http/2
content-length
0
x-li-uuid
AAXWdAWLR+utLIIBS2YkQw==
nextroll-32x32.png
s.adroll.com/i/favicon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:4200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id
eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
Etag
"403a0a7dcf2d617e7ea852bfb9d11945"
Age
79291
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1615
Last-Modified
Mon, 28 Jun 2021 18:19:21 GMT
Server
AmazonS3
Date
Tue, 25 Jan 2022 05:43:09 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA60-P4
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
fo3bqfIKpqY6pzmepiGCxMyF2E2dXt5jF3uw276_EKIdKaVnT9SWwA==
i
api.segment.io/v1/ Frame 18A7 		21 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/i
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.179.129 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-179-129.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://cmgfinancial.typeform.com/to/NCk530ZZ?typeform-source=www.cmgfi.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://cmgfinancial.typeform.com
date
Wed, 26 Jan 2022 03:44:41 GMT
content-length
21
vary
Origin
content-type
application/json
/
www.facebook.com/tr/ Frame 5CA3 		0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.cmgfi.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.cmgfi.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Wed, 26 Jan 2022 03:44:41 GMT
t
api.segment.io/v1/ Frame 18A7 		21 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/t
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.179.129 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-179-129.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://cmgfinancial.typeform.com/to/NCk530ZZ?typeform-source=www.cmgfi.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://cmgfinancial.typeform.com
date
Wed, 26 Jan 2022 03:44:41 GMT
content-length
21
vary
Origin
content-type
application/json
config.json
cdn.acsbapp.com/cache/app/cmgfi.com/ 		136 B
322 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.acsbapp.com/cache/app/cmgfi.com/config.json
Requested by
Host: acsbap.com
URL: https://acsbap.com/apps/app/assets/js/acsb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.68.39.149 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
cdn100.acsbapp.com
Software
/
Resource Hash
263da8b776137614f453e267bbc9db9f2af943c93fec1959be8a664f7fda346f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:41 GMT
last-modified
Tue, 25 Jan 2022 16:06:08 GMT
etag
"88-61f01ff0-c4e9a5c78305801e;;;"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
136
expires
Thu, 27 Jan 2022 03:44:41 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=337428276997060&ev=Microdata&dl=https%3A%2F%2Fwww.cmgfi.com%2Fmysite%2Fbill-heon&rl=&if=false&ts=1643168681284&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Bill%20Heon%27s%20MySite%20%7C%20CMG%20Financial%22%2C%22meta%3Adescription%22%3A%22Bill%20Heon%20is%20an%20experienced%20mortgage%20lender%20located%20in%20Coronado%2C%20CA%20that%20specializes%20in%20all%20new%20purchase%20and%20refinance%20needs.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Bill%20Heon%27s%20MySite%22%2C%22og%3Adescription%22%3A%22Bill%20Heon%20is%20an%20experienced%20mortgage%20lender%20located%20in%20Coronado%2C%20CA%20that%20specializes%20in%20all%20new%20purchase%20and%20refinance%20needs.%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Alocale%22%3A%22en_US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.51&r=stable&ec=1&o=30&fbp=fb.1.1643168680773.709540629&it=1643168680460&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Requested by
Host: www.cmgfi.com
URL: https://www.cmgfi.com/mysite/bill-heon
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Wed, 26 Jan 2022 03:44:41 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2111739981&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.cmgfi.com%2Fmysite%2Fbill-heon&ul=en-us&de=UTF-8&dt=Bill%20Heon%27s%20MySite%20%7C%20CMG%20Financial&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Window%20Load&ea=Window%20Load&el=Window%20Load&_u=aHDACEABBAAAAC~&jid=&gjid=&cid=294471505.1643168681&tid=UA-73683534-1&_gid=1252670828.1643168681&gtm=2wg1o0TXMDZ33&cd1=294471505.1643168681&cd2=e0a85828-25d7-4337-a861-37c0eaab5961&cd3=2022-01-26%2003%3A44%3A41&cd5=bill-heon&cd6=mysite&z=1034022140
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400f:802::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jan 2022 05:03:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81668
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=461580521826844&ev=Microdata&dl=https%3A%2F%2Fwww.cmgfi.com%2Fmysite%2Fbill-heon&rl=&if=false&ts=1643168681536&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Bill%20Heon%27s%20MySite%20%7C%20CMG%20Financial%22%2C%22meta%3Adescription%22%3A%22Bill%20Heon%20is%20an%20experienced%20mortgage%20lender%20located%20in%20Coronado%2C%20CA%20that%20specializes%20in%20all%20new%20purchase%20and%20refinance%20needs.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Bill%20Heon%27s%20MySite%22%2C%22og%3Adescription%22%3A%22Bill%20Heon%20is%20an%20experienced%20mortgage%20lender%20located%20in%20Coronado%2C%20CA%20that%20specializes%20in%20all%20new%20purchase%20and%20refinance%20needs.%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Alocale%22%3A%22en_US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.51&r=stable&ec=1&o=30&fbp=fb.1.1643168680773.709540629&it=1643168680460&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Wed, 26 Jan 2022 03:44:41 GMT
en.build.json
cdn.acsbapp.com/cache/app/ 		232 KB
25 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.acsbapp.com/cache/app/en.build.json
Requested by
Host: acsbap.com
URL: https://acsbap.com/apps/app/assets/js/acsb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.68.39.149 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
cdn100.acsbapp.com
Software
/
Resource Hash
9859f66ffd13e43307308c79d3a53d60fd72254e8a2dda9161146533c1a6263c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cmgfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 03:44:41 GMT
content-encoding
br
last-modified
Wed, 29 Dec 2021 22:51:03 GMT
etag
"3a145-61cce657-67b147b42be9370e;br"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
25259
expires
Thu, 27 Jan 2022 03:44:41 GMT
i
api.segment.io/v1/ Frame 18A7 		21 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/i
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.179.129 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-179-129.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://cmgfinancial.typeform.com/to/NCk530ZZ?typeform-source=www.cmgfi.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://cmgfinancial.typeform.com
date
Wed, 26 Jan 2022 03:44:43 GMT
content-length
21
vary
Origin
content-type
application/json
t
api.segment.io/v1/ Frame 18A7 		21 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/t
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.179.129 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-179-129.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://cmgfinancial.typeform.com/to/NCk530ZZ?typeform-source=www.cmgfi.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://cmgfinancial.typeform.com
date
Wed, 26 Jan 2022 03:44:43 GMT
content-length
21
vary
Origin
content-type
application/json

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| BEJSSDKObserver function| jsElementReady object| BEJSSDK object| BEIXF object| dataLayer object| Evergage string| VE_CUSTOM_EVENT_NAME string| TO_LAUNCHER_MESSAGE_TYPE string| TO_LAUNCHER_PAYLOAD_TYPE object| eventLinkId object| evgr function| sendMessageToEvergageLauncher number| evergageBeaconParseTimeStart number| evergageBeaconParseTimeEnd function| render number| evergagePageMatchTimeout number| evergageReshowPersonalizedSectionsTimeout function| initializeFPJSLibrary function| detectIE object| _bright3 function| beLinkBlockCallback boolean| ie_version undefined| style undefined| select object| scriptTag string| org_id object| betrack object| showLogs string| domain object| domainPath object| timeout string| sessionTmeout boolean| bf_e_org object| bf_e_org_list number| bf_i object| bf object| goal object| goalvalue number| maximum_custom_variables number| maximum_custom_metrics object| customdimension_value object| custommetric_value number| maximum_conversions object| conversion_count_value object| conversion_value_value boolean| disableTrack object| deferCallback object| useCustomLinkBlockStyles object| showLinkBlock object| JSON3 function| isSameSiteNoneCompatible function| shouldSendSameSiteNone number| c_begin function| Fingerprint2 object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery function| GinitMap function| enableStep2 function| HideAllQuestions function| showQ1 function| showResult function| yesForm3 function| noForm3 object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome function| showq2 function| showq3 function| EnableSubmit function| copyurl undefined| main object| google_tag_manager string| cookie_str number| s_expire string| cookie_set_string number| c_end object| google_tag_data string| GoogleAnalyticsObject function| ga string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded string| _linkedin_data_partner_id function| fbq function| _fbq function| protect string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| adroll_exp_list function| __cmp function| __tcfapi function| UET function| UET_init function| UET_push object| ueto_e5dfee52a1 object| uetq object| gaplugins object| gaGlobal object| gaData object| __adroll_consent_data object| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country function| lintrk boolean| _already_called_lintrk object| $jscomp string| BANNER_VERSION string| TCF_VERSION string| IABWRITE_NO_COOKIE object| __adroll_consent_banner object| __adroll_consent_prev_lastchild function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _0x2141 function| _0x35fd object| AJS object| AccessiBe object| acsb object| acsbJS object| EJSEventListeners function| EJSCustomEvent

22 Cookies

Domain/Path Name / Value
www.cmgfi.com/ Name: _evga_410a
Value: {%22uuid%22:%2261fcdf5d158f32b0%22}
www.cmgfi.com/ Name: lostate
Value: open
.cmgfi.com/ Name: BE_CLA3
Value: p_id%3DNJPA2424RP64R68AAJRLR4NNRAAAAAAAAH%26bf%3D9a146a6dd5b92bb6e2686efa069789be%26bn%3D1%26bv%3D3.43%26s_expire%3D1643255080395%26s_id%3DNJPA2424RP64RNL488NLR4NNRAAAAAAAAH
.cmgfi.com/ Name: _gcl_au
Value: 1.1.1302335076.1643168680
.bing.com/ Name: MUID
Value: 379820CA1C8D6C4605E331F21D5F6D98
.cmgfi.com/ Name: _uetsid
Value: 4a9396207e5a11ec8117ad85fdc1a16e
.cmgfi.com/ Name: _uetvid
Value: 4a93e5807e5a11ecadb1c1ab876d7f32
.typeform.com/ Name: __cf_bm
Value: 82KsFBgjolJCVuIp.8MPQORF0nAj3y.GhCi.cFWcQ1M-1643168680-0-AaBmxxrf632eygHz3vgQTCC8wiD8z+NNR3+5BnEF4K8XdJsGKMyar5u49gOetyu9gfJtISHsgo5ms702UzVjgcUyNetWWZ0M+x91NueV48IhSIMjW988sqmeyWPLbet0I386CEQEV6GMZNQsnjX9UQlTF3vDcsjvMCtVEOxLDrPa
.cmgfi.com/ Name: _ga
Value: GA1.2.294471505.1643168681
.cmgfi.com/ Name: _gid
Value: GA1.2.1252670828.1643168681
.cmgfi.com/ Name: _gat_UA-73683534-1
Value: 1
cmgfinancial.us-4.evergage.com/ Name: AWSALBCORS
Value: zU9DX8we/vVm/BO9O7bj3d1V647PZg+6tFkVKl+9M5I1muyCZ2MsvwkEdmVCbFbxLrj9AOjT36mk1rgnh9ZSYwHuWfZY9nHR8t/7plUf4NHDKcacIOHspfxuOWxp
.typeform.com/ Name: attribution_user_id
Value: 569b968b-3c4e-46c9-aa1a-7357db1eceac
.cmgfi.com/ Name: _fbp
Value: fb.1.1643168680773.709540629
.linkedin.com/ Name: UserMatchHistory
Value: AQLxa1tTNNBbOwAAAX6UfEu6QQ3Y5MFlyPdKKpxCcXp44UMrfCYjgxLzPAm2bqIk1AyJTPKNKgSiZA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIvJ_LE4E2g-wAAAX6UfEu6tf5pDoXIgmm9eWt8o_rqKNemCuUY7TjJbj021KmaEOMAiLLjt0vTzU1_Er53Rg
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&19ad368f-805a-48cf-83de-6e2d4a90340d"
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2537:u=1:x=1:i=1643168680:t=1643255080:v=2:sig=AQHCOHBGrgDBlCB_UkQuXLy786SdM7Rr"
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&20220126034441f1e5ae44-f4e6-469b-8ea2-a3d3cba93eb0AQG8ThHMuwSVgYaxekk18EdOZoDVic05"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDMxNjg2ODE7MjswMjHz0AbkmrgVwfFSsNSaEErwLBzkEdmpHgdbRzdKnKvCqA==

1 Console Messages

Source Level URL
Text
javascript warning URL: https://cmgfinancial.typeform.com/to/NCk530ZZ?typeform-source=www.cmgfi.com
Message:
The resource https://images.typeform.com/images/d4hcGHjRPa/background/large was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.b0e8.com
acsbap.com
acsbapp.com
api.segment.io
bat.bing.com
bheon.cmgfi.com
cdn.acsbapp.com
cdn.b0e8.com
cdn.bc0a.com
cdn.evgnet.com
cdn.segment.com
cloud.cmgfi.com
cmgfinancial.typeform.com
cmgfinancial.us-4.evergage.com
connect.facebook.net
d.adroll.com
fonts.googleapis.com
fonts.gstatic.com
images.typeform.com
ixfd-api.bc0a.com
px.ads.linkedin.com
px4.ads.linkedin.com
renderer-assets.typeform.com
res.cloudinary.com
s.adroll.com
snap.licdn.com
stats.g.doubleclick.net
use.fontawesome.com
www.cmgfi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
104.18.27.71
108.174.10.14
151.101.0.114
161.35.15.77
167.172.136.187
18.66.110.125
192.26.129.154
208.68.39.149
2600:9000:223f:1000:8:2495:5540:93a1
2600:9000:2251:5e00:4:f6ce:61c0:93a1
2600:9000:225e:4200:6:9280:1080:93a1
2606:4700:3031::ac43:d645
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:810::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9b
2a00:1450:400f:802::200e
2a02:26f0:1700:785::2a03
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:5f80:a::b212:e7d1
2a04:4e42:200::393
34.95.105.148
35.190.5.192
35.201.125.192
35.244.153.179
52.40.155.233
54.149.179.129
54.228.17.128
039154b1c375a8d7a9d566540ba91200190c0c171156e9a6152525e76cbd1f1f
076e73392b5ebe3f0aabe0bccf01c23ef3ea379eb0492973e4b1283efde20c08
08f7874f8336b47e49d9719c38cea16cdea6362962f5001db3f2d0bb47332357
0d0210ffc59c6b17cac9e8649d90ec2deb653fb06b3d69d1515b03977ffea5e1
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
179630f917d4ec0d18da300695088fb39240175e25c2573bf3470d0356784c13
1ca95c128ac8182e275c27d7d2c79e496468b000c84f1760427bda48e6c76ea5
1d3abd732d070f29e03b4e0430a2417a7777531331c79e8fcb835ba720d11c55
2429c5d6591f4e77bf1bd40d676c9b2c99193df4c77ed9fde2b756fb043c4618
263da8b776137614f453e267bbc9db9f2af943c93fec1959be8a664f7fda346f
2643d41961fbdcd13f0b268c44d86be1a36dc99d76b554aad2f55bfe796b3009
36c1b023fd21b0fd63e3452cb239632417a50e45729fe01c2389ebfbc3c65330
38922a1d63adfbf9ea5791c3534cf87d63f02d800ff04c4f65fe9c575b31ea59
3d66c07c2f0a3ac62d60b03bbd9d3c8ad2d3329e58118000aedc8fe851cc37be
3edbcdee58bffdc010c03a5d912137907cbb004e57b9472fbe546eda8a71259b
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46d7ff4ef974fb0df2c72554d155d8aacf276971a9918eab56516ac6a9399dbf
47f19cec8be1973ec77799539c2074cf54fdf585dce070993781cad3d4c0f40f
4e52b6223665175a2688bf4929344a3342da50f262ba32b3286c5b2d5a690edd
54ccb99ccfbd9a740970f3074087a4d83ed85d5413c8ed623f738cc7b2e28ccd
5da692a7a24a6b186411cbce9fbb415e7809b44cf4a35c9859923db2cde73acf
5ff1f48762983a74ab221de9e3d761ff6a64788c4b3034a6940510a67c3ad8c4
65765b24e95c694e746a6350dd8b43c7118b008ff94ec64c66c20ddc25512d71
6b40716ed5aca30425659bcc7b021ccea5dd96d726f9bc1fbe17269d88f36e4d
7083d7e67c12047440e8f011fba46394abadf0545972501057cab404db802b98
7c8c2059031bc79bc79a7cb145f0c9ecf35a8a7496d2c3575892b20e6bfb2277
805dc73ce21ac8a409cf45162522a4ae6f165d0b25b737eb510287362f499564
814b61c3ba45df49d57dd04e49b3fe07198692ec01c0026b9171999da87d09db
8293435ba6508dfe80b3a3ef7fabafc5f79eaa72d73769ca9ed5ccac02dbc0a0
82c4364311473175de2dc6099d2e4c3b12e5fee18888fa54193f7d04ec7be9e1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8341357f362e1c19b530b1ebffa2402e6da7a885af28d7dfd4be7e226a467b99
83532c056d6f0e4e04389942237d8228fefd2b552e0513f5f4c9406bc8131ac1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
873b40b767d89507770740a7139ece80c20b742bcd51c11e547e76d4fead370c
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a2307dc995110a638dc283ff13eba5d093f6d8c0f38f4f709cd9113238a62e9
8b044eae64a4ee003537a325252f870b7ea109ab33e313bd6b480b6a59d70589
92954c4e5e64aa359abcdc926a0209145645309e82006d5b7bb0bf177e01678a
9859f66ffd13e43307308c79d3a53d60fd72254e8a2dda9161146533c1a6263c
98c893be0d7a4021faab7789204f81e54fc3268ac369bfea216b846706fc9590
9a7dc955a41062d84e1d85082ecaa5189eae8c8cbba0122ef28c8871a4db77ee
9a90cfb785eb50f1cb3332c7726a57c6cb20f1bc68d21dbbb4d6ce11f048ba5e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1febf1e953ec7e3f29a4f34cf62e2d941db281ce2d5baeb425b56fc37b7717a
a36f2a2cabf2cdb3c2a6badb11a845320763cda33037a59542df006f93a23b1e
a3f65921afd556d3e8917b214d5324c6d62849a9f0608c53556f3792a6ce9d36
a4f33a00ddafd5a8b5d0b0ee54b848ba1007286d5da9d9edd2168a0e80282ead
ac74d7d0323d238309ee0a321935a57cbad893de6ae27e4b568f444531466e5e
afdd29778a35ecf1638fc1c8bee1d4f7843d437d01b5db08cdf364da6b0edeaf
b33f0324e67745a790358e65206e56b5a0eb15c1fc51b8febf7f81fe6140c8f3
ba73d9e5a1b9e4cd7c92f860ee9f2484bca86143d07483a65c6a783d3b741f51
bc949f62ed362bf2794d32ba1e75b9804f9b49b99c6d55fdfcb56b3b31b5170d
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
c06123162966e3e707e462ce54da89f7e8dfd956192c925801e2aee1f31ef4ff
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
cdb8a1a5a48ebd996be48e0ea688de87d8fba555e97988105ba3191cd601b2f5
d2c0de19d7a07ab3d4ac507eaae19594d7d1ed8c7a36c4e675a01892cee13a08
d4a233f35ce5d1db7781143dc170e92fb18651deefe7dbd77159b38a57d07b4f
d580476368dbd46778860b1862b6ad7bf767acb535fa7000b7a58e879c7caf9d
d62a3b924d49cc3909d8c7e7d66c6fda8780c357fae0f927993f424928401b20
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e36e9b6384ca9f69780b7d2623bd9a181243ef2193fa5c6e3932365673066a
f1bbb8127b5d5b33dae60b322733f311a584debdeb9334d7b9c4a59ff7bc6a3a
f2b23e3c4fadd7fb6548cdb7bc792730592c6b9ae2a32da972fab2223fb91bb2
f316c385db5dc9485867159f3675877f94568fab92b43955fbd0f64f4555b89c
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f80fd52943368497d8caf8299a4d60b5cbf633b7866289af14369ecb72860bb4
fa34bd001d646e632ff9501f8539eb582fb3ac2099b6c614f24bfaa993091877
fb2796429936794a197a6c0e264407ab2114a6e79b6b044c261fef6205d0bfbd
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3