www.gemwealthplanninggroup.com Open in urlscan Pro
2606:4700::6810:45c5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.gemwealthplanninggroup.com/
Submission: On February 17 via automatic, source certstream-suspicious (February 17th 2023, 9:50:43 am UTC) — Scanned from DE

Summary HTTP 46 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 14 domains to perform 46 HTTP transactions. The main IP is 2606:4700::6810:45c5, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.gemwealthplanninggroup.com.
TLS certificate: Issued by Cloudflare Inc RSA CA-2 on January 26th 2023. Valid for: a year.

This is the only time www.gemwealthplanninggroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700::68... 2606:4700::6810:45c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2600:9000:239... 2600:9000:2394:1600:11:ad6d:cf00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
1	52.217.101.220 52.217.101.220	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:10:... 2606:4700:10::ac43:47c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:112	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2620:1ec:4e:1... 2620:1ec:4e:1::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.147.10 18.66.147.10	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:402::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
2	2.18.36.141 2.18.36.141	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400d:80a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	44.240.3.37 44.240.3.37	16509 (AMAZON-02) (AMAZON-02)
2	52.184.200.53 52.184.200.53	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
46	17

1 2606:4700::6810:45c5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.gemwealthplanninggroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:2394:1600:11:ad6d:cf00:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.fmgsuite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.101.220 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

fmg-websites-custom.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:47c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.riskalyze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:112 (United States)

ASN13335 (CLOUDFLARENET, US)

pro.riskalyze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2620:1ec:4e:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cdn.oncehub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-10.fra60.r.cloudfront.net

static.site24x7rum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:402::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.36.141 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-36-141.deploy.static.akamaitechnologies.com

eee6de91b18cd8209213-7a0239a9bc3c5b11e4c7ee9ece842dcd.ssl.cf2.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.240.3.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-3-37.us-west-2.compute.amazonaws.com

col.site24x7rum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.184.200.53 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

go.oncehub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	fmgsuite.com static.fmgsuite.com — Cisco Umbrella Rank: 108434	2 MB
12	oncehub.com cdn.oncehub.com — Cisco Umbrella Rank: 101043 go.oncehub.com — Cisco Umbrella Rank: 108492	592 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	40 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	124 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 ajax.googleapis.com — Cisco Umbrella Rank: 298	34 KB
2	gstatic.com fonts.gstatic.com	60 KB
2	rackcdn.com eee6de91b18cd8209213-7a0239a9bc3c5b11e4c7ee9ece842dcd.ssl.cf2.rackcdn.com — Cisco Umbrella Rank: 683062	5 KB
2	site24x7rum.com static.site24x7rum.com — Cisco Umbrella Rank: 20624 col.site24x7rum.com — Cisco Umbrella Rank: 25613	22 KB
2	riskalyze.com 1 redirects www.riskalyze.com — Cisco Umbrella Rank: 421460 pro.riskalyze.com — Cisco Umbrella Rank: 344249	10 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6232	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 77	360 B
1	amazonaws.com fmg-websites-custom.s3.amazonaws.com — Cisco Umbrella Rank: 168242	405 B
1	gemwealthplanninggroup.com www.gemwealthplanninggroup.com	12 KB
46	14

	Domain	Requested by
13	static.fmgsuite.com	www.gemwealthplanninggroup.com static.fmgsuite.com
10	cdn.oncehub.com	www.gemwealthplanninggroup.com cdn.oncehub.com go.oncehub.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com cdn.oncehub.com
3	www.googletagmanager.com	www.gemwealthplanninggroup.com www.googletagmanager.com
2	go.oncehub.com	cdn.oncehub.com
2	fonts.gstatic.com	fonts.googleapis.com
2	eee6de91b18cd8209213-7a0239a9bc3c5b11e4c7ee9ece842dcd.ssl.cf2.rackcdn.com	www.riskalyze.com eee6de91b18cd8209213-7a0239a9bc3c5b11e4c7ee9ece842dcd.ssl.cf2.rackcdn.com
2	fonts.googleapis.com	www.gemwealthplanninggroup.com www.riskalyze.com
1	col.site24x7rum.com	static.site24x7rum.com
1	ajax.googleapis.com	www.riskalyze.com
1	www.google.de	www.gemwealthplanninggroup.com
1	www.google.com	www.gemwealthplanninggroup.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.site24x7rum.com	www.gemwealthplanninggroup.com
1	pro.riskalyze.com	www.gemwealthplanninggroup.com
1	www.riskalyze.com	1 redirects
1	fmg-websites-custom.s3.amazonaws.com	www.gemwealthplanninggroup.com
1	www.gemwealthplanninggroup.com
46	18

This site contains links to these domains. Also see Links.

Domain
brokercheck.finra.org
fscbrokerageview.netxinvestor.com
pro.riskalyze.com
advgrp.co
www.caprivacy.org

Subject Issuer	Validity	Valid
www.gemwealthplanninggroup.com Cloudflare Inc RSA CA-2	`2023-01-26` - `2024-01-25`	a year	crt.sh
*.fmgsuite.com Amazon	`2022-08-30` - `2023-09-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
cdn.oncehub.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.site24x7rum.com Amazon	`2022-07-31` - `2023-08-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.ssl.cf2.rackcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-23` - `2024-01-22`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.oncehub.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-18` - `2024-02-18`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.gemwealthplanninggroup.com/
Frame ID: B883F01576A5E8BAB5A1B50671C07D0C
Requests: 36 HTTP requests in this frame

Frame: https://go.oncehub.com/GeralynGough?dt=&em=1&Lightbox=1&openedThroughBtn=1&Si=1
Frame ID: 4B6BE33D15D25D55F26A09B5CD2C2107
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gem Wealth Planning Group

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

98 %
HTTPS

72 %
IPv6

14
Domains

18
Subdomains

17
IPs

5
Countries

2894 kB
Transfer

5717 kB
Size

6
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://brokercheck.finra.org/
Title: Click here to learn more about our financial professionals by visiting FINRA's BrokerCheck.

Search URL Search Domain Scan URL

URL: https://fscbrokerageview.netxinvestor.com/web/fscbv/login
Title: eQuipt Login

Search URL Search Domain Scan URL

URL: https://pro.riskalyze.com/embed/32baa87e3b77a27a9094
Title: What's Your Risk Number?

Search URL Search Domain Scan URL

URL: https://advgrp.co/FormCRS-FSC
Title: Form CRS

Search URL Search Domain Scan URL

URL: https://www.caprivacy.org/
Title: California Consumer Privacy Act (CCPA)

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://www.riskalyze.com/hosted/v2/32baa87e3b77a27a9094/rq/lt/sm/btn.js HTTP 301
https://pro.riskalyze.com/hosted/v2/32baa87e3b77a27a9094/rq/lt/sm/btn.js

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.gemwealthplanninggroup.com/ 61 KB
12 KB 643ms
507ms Document
text/html 2606:4700::6810:45c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gemwealthplanninggroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:45c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db83c59ee74e871cbaa10520d325e076c14140d31eb06c2f18080dfe27b3a8b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 79ad9ea7dc37364b-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 17 Feb 2023 09:50:37 GMT
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-stackifyid: V2|a9239bbb-7f2b-4fcf-8157-1146f022c281|C78253|CD57020

GET
H2 200 7ac.css
static.fmgsuite.com/site/templates/007/dist/ 257 KB
38 KB 118ms
16ms Stylesheet
text/css 2600:9000:2394:1600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fmgsuite.com/site/templates/007/dist/7ac.css?v=2.86.45.30715.387
Requested by: Host: www.gemwealthplanninggroup.com
URL: https://www.gemwealthplanninggroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:1600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ffcec73f201bb4b74a10245cb33abea954bef9d3217b141ea695ea386f0df2b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:53:13 GMT
x-amz-version-id: .vjZfmqtyZgUtNIbNIDJfNKxOWkovBGC
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 20:42:47 GMT
server: AmazonS3
via: 1.1 d5eb9a3c77e185d15862aa8fa0e3c8f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
etag: W/"ce2f73de8cf73b42ca5a98e6d28642c1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
age: 71845
x-amz-replication-status: FAILED
x-amz-cf-id: 3dOH2zash-Xy8_hBV_2vXnHmlpgVTKqCyNAHIdQUB0pE2DTrBLTAVw==

GET
H2 200 css
fonts.googleapis.com/ 733 B
792 B 104ms
43ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Julius+Sans+One

Requested by

Host: www.gemwealthplanninggroup.com
URL: https://www.gemwealthplanninggroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c096afc64267ea84189f535ef7ed20d0f222f32f996835bc40f0354dbb68b7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Feb 2023 09:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 09:33:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Feb 2023 09:50:37 GMT

GET
H/1.1 200
OK dev-theme-fix.css
fmg-websites-custom.s3.amazonaws.com/ian/dev_theme_fixes/ 0
405 B 346ms
128ms Stylesheet
text/css 52.217.101.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fmg-websites-custom.s3.amazonaws.com/ian/dev_theme_fixes/dev-theme-fix.css
Requested by: Host: www.gemwealthplanninggroup.com
URL: https://www.gemwealthplanninggroup.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.101.220 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 09:50:38 GMT
x-amz-version-id: 0bJOEov9cBlnOBJokvNW3IXMHt_3cRTB
Last-Modified: Mon, 11 May 2020 19:20:55 GMT
Server: AmazonS3
x-amz-request-id: 4APQ8176J321NB0D
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 0
x-amz-id-2: NnVfP5WwaCXrP7MWKXr4sQSN3YLbFRXqpFeMinfF5K67Yb/XdrZKWmwSmGLuR36udoWPcBX2Hx8=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 48ms
26ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-24680519-10

Requested by

Host: www.gemwealthplanninggroup.com
URL: https://www.gemwealthplanninggroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c5438e974f5f826f3167cf46ec1de0c0909c5b4a97cb4de1829d9d9bafd79f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:50:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44155
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Feb 2023 09:50:37 GMT

GET
H2 200 638bf403-c93d-4f86-97a9-35d75863b0c9.jpg
static.fmgsuite.com/media/images/ 20 KB
20 KB 492ms
490ms Image
image/jpeg 2600:9000:2394:1600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/media/images/638bf403-c93d-4f86-97a9-35d75863b0c9.jpg
Requested by: Host: www.gemwealthplanninggroup.com
URL: https://www.gemwealthplanninggroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:1600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a25768e046967bee0bc770b13705d0fa884f5a6d48072b01b5820e5745271c28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:50:38 GMT
x-amz-version-id: oAkkza_TviImS2XKpyUywVB9Y0_ZYx.h
via: 1.1 d5eb9a3c77e185d15862aa8fa0e3c8f0.cloudfront.net (CloudFront)
last-modified: Mon, 19 Jul 2021 18:48:26 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
etag: "99d635b1a62a89bc20dd4d3087674a0b"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 20184
x-amz-cf-id: OhhhcZcT4yN7DwOfJ3-HnGpwm-gGJu2sHeizwnABg39Crmg4ScT2Sw==

GET
H2

200

btn.js Show response
pro.riskalyze.com/hosted/v2/32baa87e3b77a27a9094/rq/lt/sm/
Redirect Chain

https://www.riskalyze.com/hosted/v2/32baa87e3b77a27a9094/rq/lt/sm/btn.js
https://pro.riskalyze.com/hosted/v2/32baa87e3b77a27a9094/rq/lt/sm/btn.js

27 KB
10 KB

461ms
427ms

Script
text/javascript

2606:4700:10::6816:112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pro.riskalyze.com/hosted/v2/32baa87e3b77a27a9094/rq/lt/sm/btn.js

Requested by

Host: www.gemwealthplanninggroup.com
URL: https://www.gemwealthplanninggroup.com/

Protocol

Server

2606:4700:10::6816:112 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52d6065110f31f784d0822a2fc85959e2c92e6ad5d6609aeded219a8eb87427e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:50:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
etag: W/"6a98-JgpeCn6S8ArAY/3DTxQUeZTa/Hg"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
x-envoy-upstream-service-time: 8
cf-ray: 79ad9eae28303a84-FRA
x-xss-protection: 1; mode=block

Redirect headers

date: Fri, 17 Feb 2023 09:50:37 GMT
cf-cache-status: MISS
server: cloudflare
vary: Accept-Encoding
content-type: text/html
location: https://pro.riskalyze.com/hosted/v2/32baa87e3b77a27a9094/rq/lt/sm/btn.js
cf-ray: 79ad9ead1f7c9c04-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 326-largethumb-a.jpg
static.fmgsuite.com/site/templates/global/img/assets/largethumb/ 166 KB
167 KB 35ms
33ms Image
image/jpeg 2600:9000:2394:1600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/site/templates/global/img/assets/largethumb/326-largethumb-a.jpg?v=1
Requested by: Host: www.gemwealthplanninggroup.com
URL: https://www.gemwealthplanninggroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:1600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f8c02f24409745d1c8e204380607b22b7b9c4d004a2baf1b7e3cb16fe9ba464

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 2vushDTL82oSpdvhbNiJ3NC.MCSzy.IX
date: Thu, 16 Feb 2023 20:01:44 GMT
via: 1.1 d5eb9a3c77e185d15862aa8fa0e3c8f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
age: 49734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 170441
last-modified: Tue, 29 Mar 2022 22:55:04 GMT
server: AmazonS3
etag: "57b0f976c977007086accd9321ae1616"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: euc9khSXzkm_sC5m1wbF6AYkIPm3hN5Goj_H0LXaaxe_2HB3fvnnOQ==

GET
H2 200 010-largethumb-a.jpg
static.fmgsuite.com/site/templates/global/img/assets/largethumb/ 83 KB
84 KB 507ms
505ms Image
image/jpeg 2600:9000:2394:1600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/site/templates/global/img/assets/largethumb/010-largethumb-a.jpg?v=1
Requested by: Host: www.gemwealthplanninggroup.com
URL: https://www.gemwealthplanninggroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:1600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b31e12ffb0c5622be610050f1a1cc6aae090488bc9e68e68a92ef920b5ed68b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:50:38 GMT
x-amz-version-id: Um6hsxVKDWRx4twVz9vPWEqJin6BYB9M
via: 1.1 d5eb9a3c77e185d15862aa8fa0e3c8f0.cloudfront.net (CloudFront)
last-modified: Tue, 29 Mar 2022 22:54:20 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
etag: "1f9c4347d5e94d9c4e8609c1f991036d"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 85245
x-amz-cf-id: SL_jkDlqt8zKsVBa1AofYsKOszv-mlny9aAQf-y4P7xcfq7X8MbMjQ==

GET
H2 200 283-largethumb-a.jpg
static.fmgsuite.com/site/templates/global/img/assets/largethumb/ 42 KB
42 KB 461ms
459ms Image
image/jpeg 2600:9000:2394:1600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/site/templates/global/img/assets/largethumb/283-largethumb-a.jpg?v=1
Requested by: Host: www.gemwealthplanninggroup.com
URL: https://www.gemwealthplanninggroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:1600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 728615983aded105d572d7e1a5edd33ad321c88477ee951a0b41de86104283cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:50:38 GMT
x-amz-version-id: w_HEU6SSrOJZbHjqa5oHbOenQHvVISfX
via: 1.1 d5eb9a3c77e185d15862aa8fa0e3c8f0.cloudfront.net (CloudFront)
last-modified: Tue, 29 Mar 2022 22:54:57 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
etag: "31eeac0016dee3ce12f108007fa2c225"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 42796
x-amz-cf-id: 9CzjAXZgEKWGMO6u_u_BEl35sol_2REOZVaj08cK35kH3F5eFKbkZw==

GET
H2 200 107-largethumb-a.jpg
static.fmgsuite.com/site/templates/global/img/assets/largethumb/ 86 KB
86 KB 501ms
499ms Image
image/jpeg 2600:9000:2394:1600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/site/templates/global/img/assets/largethumb/107-largethumb-a.jpg?v=1
Requested by: Host: www.gemwealthplanninggroup.com
URL: https://www.gemwealthplanninggroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:1600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ecb7b8440f3dcfdfddfad69aae6327e7d9ab36b400684b5b1c46e7cf30c7459d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:50:38 GMT
x-amz-version-id: 00GmH6ZklqJ3qg1Sr.GTM.XkneQewo.D
via: 1.1 d5eb9a3c77e185d15862aa8fa0e3c8f0.cloudfront.net (CloudFront)
last-modified: Wed, 02 Nov 2022 20:20:34 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
etag: "9ab4426b9d550f0bc21b0dd6081a9393"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-replication-status: FAILED
accept-ranges: bytes
content-length: 88014
x-amz-cf-id: SeLylIefnWhlWcojmO74qM6pAtzMAswbE81xXLsKlImHx5bzt6u2pg==

GET
H2 200 76b4ca36-2bb0-4641-92e6-9c47c1d588e3.jpg
static.fmgsuite.com/media/images/ 72 KB
73 KB 464ms
463ms Image
image/jpeg 2600:9000:2394:1600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/media/images/76b4ca36-2bb0-4641-92e6-9c47c1d588e3.jpg?v=1
Requested by: Host: www.gemwealthplanninggroup.com
URL: https://www.gemwealthplanninggroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:1600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95f7c6c2c35aefe6ec32c627f1a734771907b517867736037c1c805f3206e16f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:50:38 GMT
x-amz-version-id: 7HogK3PSmhhZF6n5tPGowqPQz.H7DU45
via: 1.1 d5eb9a3c77e185d15862aa8fa0e3c8f0.cloudfront.net (CloudFront)
last-modified: Thu, 27 Feb 2020 16:06:12 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
etag: "9684b5cf925dc3c2a81fd859394efa7b"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 74085
x-amz-cf-id: ApxhRMiJELuuz9kbz_M5DQCKLo6rF-WllWTG2dp7LHgANPDXMazFdA==

GET
H2 200 82470e3e-52bd-43b6-bc8f-2d71f5e6fae2.jpg
static.fmgsuite.com/media/images/ 84 KB
84 KB 495ms
494ms Image
image/jpeg 2600:9000:2394:1600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/media/images/82470e3e-52bd-43b6-bc8f-2d71f5e6fae2.jpg?v=1
Requested by: Host: www.gemwealthplanninggroup.com
URL: https://www.gemwealthplanninggroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:1600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b0409e5c01b63fbd6810d604df6aee39efe4c8515de140728e33ac3eb9391df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:50:38 GMT
x-amz-version-id: oBIB3RLYe3JU7rDkAuCcatPHUG3_FjmW
via: 1.1 d5eb9a3c77e185d15862aa8fa0e3c8f0.cloudfront.net (CloudFront)
last-modified: Thu, 27 Feb 2020 16:10:27 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
etag: "f99a542103abfad2e0bec8ac55e8880d"
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 85702
x-amz-cf-id: BqnfzTeuZXZNv1JafedmtwZIAS9iFC_tHJTlGYnNwFMY-9xbrfRiZA==

GET
H2 200 1084-largethumb-a.jpg
static.fmgsuite.com/site/templates/global/img/assets/largethumb/ 58 KB
58 KB 46ms
45ms Image
image/jpeg 2600:9000:2394:1600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/site/templates/global/img/assets/largethumb/1084-largethumb-a.jpg?v=1
Requested by: Host: www.gemwealthplanninggroup.com
URL: https://www.gemwealthplanninggroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:1600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3100b1c6ddcf660d49e4998bbdff705e353cfba903f04312ec7851f6f257af86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: z0TMY.amm5LbABPAjtZ8x9vETrhTeaSz
date: Thu, 16 Feb 2023 21:07:33 GMT
via: 1.1 d5eb9a3c77e185d15862aa8fa0e3c8f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
age: 45785
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 59021
last-modified: Tue, 29 Mar 2022 22:55:35 GMT
server: AmazonS3
etag: "b3d1ae0cf858f84c3e4735e4e75a9586"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: -aWDGRvB9dhaW4ChXMNLPcvBDZ2ECXoPOS4NhSgYGC7QOZAAc3-r6A==

GET
H2 200 so.js Show response
cdn.oncehub.com/mergedjs/ 8 KB
3 KB 254ms
13ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.oncehub.com/mergedjs/so.js

Requested by

Host: www.gemwealthplanninggroup.com
URL: https://www.gemwealthplanninggroup.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

46eea03df650c2efbf2b560eef024204bd7477cc7803eebc260f7c894725e6d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=15724800
content-encoding: gzip
date: Fri, 17 Feb 2023 09:50:37 GMT
x-azure-ref-originshield: 0s0fvYwAAAABMaR+xNEfyTpKLxUkc9cb1RlJBMjMxMDUwNDE3MDUzADBiZDM4MmYzLTBlYjMtNGM5Yy1hMWJkLTFlNzU0YzE4NWY0NA==
content-md5: PSb/zIo4HJR/EigiMrQkrQ==
x-cache: TCP_HIT
content-length: 2091
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 13 Feb 2023 10:02:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8DB0DA977F91458"
x-azure-ref: 07U3vYwAAAAD8BJFoNnLUQq5KmfBY1ywrRlJBMzFFREdFMDMwNwAwYmQzODJmMy0wZWIzLTRjOWMtYTFiZC0xZTc1NGMxODVmNDQ=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7077c9aa-001e-0021-1aaf-42fdd0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=7200
x-ms-version: 2014-02-14
accept-ranges: bytes

GET
H2 200 scripts.js Show response
static.fmgsuite.com/site/templates/007/dist/ 289 KB
89 KB 17ms
15ms Script
application/x-javascript 2600:9000:2394:1600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fmgsuite.com/site/templates/007/dist/scripts.js?v=2.86.45.30715.387
Requested by: Host: www.gemwealthplanninggroup.com
URL: https://www.gemwealthplanninggroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:1600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5fffd4bc61569c2a5b6d18ef7c23ba8133ce1185044d3bbc47beae172c200025

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 17:11:22 GMT
x-amz-version-id: jx4CdcAujpcFUpLB.rvGzJHKnYFWXilh
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 20:42:48 GMT
server: AmazonS3
via: 1.1 d5eb9a3c77e185d15862aa8fa0e3c8f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
etag: W/"7d0d00bac8094e49d74d4afb64c370e6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
age: 59956
x-amz-replication-status: FAILED
x-amz-cf-id: c8hjEV4GfW6etq5fafy7u8qUuCp7b6qQ27ytQui9OIlXuSsoHB70oQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 95 KB
38 KB 40ms
19ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KTTPZBD

Requested by

Host: www.gemwealthplanninggroup.com
URL: https://www.gemwealthplanninggroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56d262b4fa9c65ea24fb8754df122565d656413c2728d27ad344a3513c18e7ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:50:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38237
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Feb 2023 09:50:37 GMT

GET
H/1.1 200
OK site24x7rum-min.js Show response
static.site24x7rum.com/beacon/ 86 KB
22 KB 71ms
7ms Script
application/javascript 18.66.147.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=bf43c1778f8d741b80145273d2fd6586
Requested by: Host: www.gemwealthplanninggroup.com
URL: https://www.gemwealthplanninggroup.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-10.fra60.r.cloudfront.net
Software: ZGS /
Resource Hash: fb67e3e8554db868ea13c2cfdde7ae425e934e2053ee0aed23f44f6c5f913619

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 09:09:06 GMT
Content-Encoding: gzip
Via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
Server: ZGS
X-Amz-Cf-Pop: FRA60-P4
Age: 2491
Transfer-Encoding: chunked
Vary: accept-encoding
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: W_vghrUv67tc2SBjgr2m3YugET4T6F78-WUsjrVqf9bd_WBH2Do68g==

GET
H2 200 fontawesome-webfont.woff2
static.fmgsuite.com/site/templates/007/fonts/ 75 KB
76 KB 471ms
441ms Font
application/octet-stream 2600:9000:2394:1600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fmgsuite.com/site/templates/007/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: static.fmgsuite.com
URL: https://static.fmgsuite.com/site/templates/007/dist/7ac.css?v=2.86.45.30715.387
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:1600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://static.fmgsuite.com/site/templates/007/dist/7ac.css?v=2.86.45.30715.387
Origin: https://www.gemwealthplanninggroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:50:39 GMT
x-amz-version-id: 8sRDZpzEE884i9lkxwMcGpRxSazPMH9T
via: 1.1 c38563a65534cacc21516bd5450b0818.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: FAILED
content-length: 77160
last-modified: Mon, 23 Jan 2023 20:42:50 GMT
server: AmazonS3
etag: "af7ae505a9eed503f8b8e6982036873e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: HLOVjHdvJwUlfm55MItSS0yVMg9vPOlI1KwasUwWtLQ5aMt4jPgEYg==

GET
H2 200 fmgicons2.woff
static.fmgsuite.com/site/templates/fonts/ 6 KB
6 KB 466ms
436ms Font
application/octet-stream 2600:9000:2394:1600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fmgsuite.com/site/templates/fonts/fmgicons2.woff?v=2.58.0.2
Requested by: Host: static.fmgsuite.com
URL: https://static.fmgsuite.com/site/templates/007/dist/7ac.css?v=2.86.45.30715.387
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:1600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47181851e16a59444c2b7d695a1b13e6724ab8c44646719a2f5486aac45f4a9e

Request headers

Referer: https://static.fmgsuite.com/site/templates/007/dist/7ac.css?v=2.86.45.30715.387
Origin: https://www.gemwealthplanninggroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:50:39 GMT
x-amz-version-id: iLp6D8lXyRRdIT1uu2OdUjDI7vgL7QuD
via: 1.1 c38563a65534cacc21516bd5450b0818.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: FAILED
content-length: 5824
last-modified: Mon, 23 Jan 2023 20:42:57 GMT
server: AmazonS3
etag: "6f1d2ace7b4daee7afe9fc08b7de37fd"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: QC0qK-ibHTMQ4GM0PMKBByKAhTvPhbi5mfPwF2a2iwWhCSKpTw_eBw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-24680519-10&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTTPZBD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f99f40f84ec3591955082fefe52af96b8d2c4624de5814ae02b129361a99d4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:50:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44181
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Feb 2023 09:50:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 83ms
22ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-24680519-10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Feb 2023 09:12:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2311
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 17 Feb 2023 11:12:06 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
218 B 41ms
41ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=679698095&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gemwealthplanninggroup.com%2F&ul=en-us&de=UTF-8&dt=Gem%20Wealth%20Planning%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1157917774&gjid=1945747004&cid=896002985.1676627438&tid=UA-24680519-10&_gid=1248975238.1676627438&_r=1&gtm=457e32f0&z=683314896

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gemwealthplanninggroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 09:50:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gemwealthplanninggroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
360 B 57ms
17ms XHR
text/plain 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-24680519-10&cid=896002985.1676627438&jid=1157917774&gjid=1945747004&_gid=1248975238.1676627438&_u=YEBAAUAAAAAAACAAI~&z=1956161668

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gemwealthplanninggroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 17 Feb 2023 09:50:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gemwealthplanninggroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 129ms
61ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-24680519-10&cid=896002985.1676627438&jid=1157917774&_u=YEBAAUAAAAAAACAAI~&z=2065571576

Requested by

Host: www.gemwealthplanninggroup.com
URL: https://www.gemwealthplanninggroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 09:50:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 121ms
56ms Image
image/gif 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-24680519-10&cid=896002985.1676627438&jid=1157917774&_u=YEBAAUAAAAAAACAAI~&z=2065571576

Requested by

Host: www.gemwealthplanninggroup.com
URL: https://www.gemwealthplanninggroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 09:50:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
763 B 43ms
42ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,700

Requested by

Host: www.riskalyze.com
URL: https://www.riskalyze.com/hosted/v2/32baa87e3b77a27a9094/rq/lt/sm/btn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b9a74787bca928fe340a5211f44e81adb7c99624865772c030ecdfd96f13e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Feb 2023 09:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 08:10:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Feb 2023 09:50:38 GMT

GET
H/1.1 200
OK rsk-button.css
eee6de91b18cd8209213-7a0239a9bc3c5b11e4c7ee9ece842dcd.ssl.cf2.rackcdn.com/ 9 KB
3 KB 214ms
42ms Stylesheet
text/css 2.18.36.141
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eee6de91b18cd8209213-7a0239a9bc3c5b11e4c7ee9ece842dcd.ssl.cf2.rackcdn.com/rsk-button.css
Requested by: Host: www.riskalyze.com
URL: https://www.riskalyze.com/hosted/v2/32baa87e3b77a27a9094/rq/lt/sm/btn.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.141 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-141.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e92c572fe48977061e02d1291df28e9764aff81ac9bcbbb15be6481a965ec94a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 09:50:38 GMT
Content-Encoding: gzip
Origin: https://mycloud.rackspace.com
Last-Modified: Tue, 27 May 2014 17:39:05 GMT
ETag: 653048f5cd393eee3d9b8efd5cd74b12
Vary: Accept-Encoding
Content-Type: text/css
X-Timestamp: 1401212344.50797
Cache-Control: public, max-age=134777
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx9b8bcfb51d4b4275812a3-00636257daord1
Content-Length: 2456
Expires: Sat, 18 Feb 2023 23:16:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 82ms
21ms Script
text/javascript 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: www.riskalyze.com
URL: https://www.riskalyze.com/hosted/v2/32baa87e3b77a27a9094/rq/lt/sm/btn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 08:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 08:58:50 GMT

GET
H2 200 1Pt2g8TAX_SGgBGUi0tGOYEga5WOwnsX.woff2
fonts.gstatic.com/s/juliussansone/v14/ 16 KB
16 KB 27ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/juliussansone/v14/1Pt2g8TAX_SGgBGUi0tGOYEga5WOwnsX.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Julius+Sans+One

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

964362fd7e113edc6f34832b645b184160bb47c17af3119cb89071b05d6f1a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gemwealthplanninggroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 12:42:29 GMT
x-content-type-options: nosniff
age: 162489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:34:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 12:42:29 GMT

GET
H2 200 1144-hero-section.jpg
static.fmgsuite.com/site/templates/global/img/assets/ 1 MB
1 MB 20ms
19ms Image
image/jpeg 2600:9000:2394:1600:11:ad6d:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fmgsuite.com/site/templates/global/img/assets/1144-hero-section.jpg
Requested by: Host: www.gemwealthplanninggroup.com
URL: https://www.gemwealthplanninggroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:1600:11:ad6d:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f789186a73abc6439646c2e3eae2e14fc63742ccec771e9ff4472f6e090244f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 17:00:44 GMT
x-amz-version-id: L12nzCtGn4NyZGSl5.nJ3IFWMIXDJb_Q
via: 1.1 d5eb9a3c77e185d15862aa8fa0e3c8f0.cloudfront.net (CloudFront)
last-modified: Thu, 16 Dec 2021 20:49:40 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 60595
etag: "a37d33e95b7d94f6b8fb60a0960c739a"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 1194977
x-amz-cf-id: 4TT0-F28Ew6X485OwByGXzlFxkqqjc53qwMJIPmNZEUXFjUraFMs_Q==

GET
H/1.1 200
OK btn.hosted.logo.lt.png
eee6de91b18cd8209213-7a0239a9bc3c5b11e4c7ee9ece842dcd.ssl.cf2.rackcdn.com/ 1 KB
2 KB 38ms
37ms Image
image/png 2.18.36.141
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eee6de91b18cd8209213-7a0239a9bc3c5b11e4c7ee9ece842dcd.ssl.cf2.rackcdn.com/btn.hosted.logo.lt.png
Requested by: Host: eee6de91b18cd8209213-7a0239a9bc3c5b11e4c7ee9ece842dcd.ssl.cf2.rackcdn.com
URL: https://eee6de91b18cd8209213-7a0239a9bc3c5b11e4c7ee9ece842dcd.ssl.cf2.rackcdn.com/rsk-button.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.141 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-141.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 72ae6194bdbd3e76af1eb5b38f35992afd6762247f85c56e7cddd849f0c0d728

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eee6de91b18cd8209213-7a0239a9bc3c5b11e4c7ee9ece842dcd.ssl.cf2.rackcdn.com/rsk-button.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 09:50:38 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Tue, 20 May 2014 16:29:52 GMT
ETag: f4e092fee46a236eae8b2cf663b8ce29
Content-Type: image/png
X-Timestamp: 1400603391.53665
Cache-Control: public, max-age=248047
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx9b11c8062c1f4b17a7f91-0063ef225dord1
Content-Length: 1345
Expires: Mon, 20 Feb 2023 06:44:45 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gemwealthplanninggroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 05:05:33 GMT
x-content-type-options: nosniff
age: 103505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 05:05:33 GMT

GET
H2 200 ScheduleOnceEmbed.js Show response
cdn.oncehub.com/mergedjs/ 74 KB
17 KB 11ms
11ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.oncehub.com/mergedjs/ScheduleOnceEmbed.js

Requested by

Host: cdn.oncehub.com
URL: https://cdn.oncehub.com/mergedjs/so.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

540a48c10a8bfa58fdf5bba3614e6ca76e483d23bc035602b3844dae4e402996

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=15724800
content-encoding: gzip
date: Fri, 17 Feb 2023 09:50:38 GMT
x-azure-ref-originshield: 09T/vYwAAAADooYR+leN/RamxfiQ0ho4KRlJBMjMxMDUwNDE3MDI1ADBiZDM4MmYzLTBlYjMtNGM5Yy1hMWJkLTFlNzU0YzE4NWY0NA==
content-md5: KHiYbHmlryM3HboXX6vwcw==
x-cache: TCP_HIT
content-length: 17085
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 13 Feb 2023 10:02:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8DB0DA977E41D3B"
x-azure-ref: 07k3vYwAAAACTpXQ4OcEpSKOe6keha5woRlJBMzFFREdFMDMwNwAwYmQzODJmMy0wZWIzLTRjOWMtYTFiZC0xZTc1NGMxODVmNDQ=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e78be9bb-f01e-0068-07ac-42bf3b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=7200
x-ms-version: 2014-02-14
accept-ranges: bytes

POST
H2 200 data
col.site24x7rum.com/rum/ 0
0 657ms
242ms Ping
application/json 44.240.3.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://col.site24x7rum.com/rum/data
Requested by: Host: static.site24x7rum.com
URL: https://static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=bf43c1778f8d741b80145273d2fd6586
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.3.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-3-37.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gemwealthplanninggroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 ncf_Lightbox@2x.png
cdn.oncehub.com/images/ 1 KB
2 KB 27ms
27ms Image
image/png 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.oncehub.com/images/ncf_Lightbox@2x.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

6723e1927744ccc7f226520debbdf53cb22d052062465095346d58ba6eb0055f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gemwealthplanninggroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=15724800
date: Fri, 17 Feb 2023 09:50:38 GMT
x-azure-ref-originshield: 0jifqYwAAAAA6zShKsZfHRaIZqsr58+xFRlJBMjMxMDUwNDE4MDQ1ADBiZDM4MmYzLTBlYjMtNGM5Yy1hMWJkLTFlNzU0YzE4NWY0NA==
content-md5: oUXqSAT0iyR1XWfI4a1m+Q==
x-cache: TCP_HIT
content-length: 1529
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 13 Feb 2023 10:02:37 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8DB0DA96F76ACA1"
x-azure-ref: 07k3vYwAAAAB9EHDvSjqESK2jar/N4tKSRlJBMzFFREdFMDMwNwAwYmQzODJmMy0wZWIzLTRjOWMtYTFiZC0xZTc1NGMxODVmNDQ=
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 76d8cd5f-301e-0067-0aa2-3fc957000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=604800
x-ms-version: 2014-02-14
accept-ranges: bytes

GET
H2 200 GeralynGough Show response
go.oncehub.com/ Frame 4B6B 8 KB
2 KB 580ms
102ms Document
text/html 52.184.200.53
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://go.oncehub.com/GeralynGough?dt=&em=1&Lightbox=1&openedThroughBtn=1&Si=1

Requested by

Host: cdn.oncehub.com
URL: https://cdn.oncehub.com/mergedjs/ScheduleOnceEmbed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.184.200.53 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c45041775931f44fedaa19467bb34dffb002d6fd2c2cbc7d28b2e4ffef3551bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gemwealthplanninggroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, public, max-age=3600
content-encoding: gzip
content-type: text/html
date: Fri, 17 Feb 2023 09:50:39 GMT
etag: W/"63e51e4c-1f01"
last-modified: Thu, 09 Feb 2023 16:24:44 GMT
strict-transport-security: max-age=15724800
x-content-type-options: nosniff
x-robots-tag: none

GET
H2 200 3.739e8488aa39ef755a40.css
cdn.oncehub.com/assets/ Frame 4B6B 174 KB
26 KB 12ms
11ms Stylesheet
text/css 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.oncehub.com/assets/3.739e8488aa39ef755a40.css

Requested by

Host: go.oncehub.com
URL: https://go.oncehub.com/GeralynGough?dt=&em=1&Lightbox=1&openedThroughBtn=1&Si=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

500823d5030b9e90076d701f96a7f37fdff00f3cec5e264d003c73e20637f631

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.oncehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=15724800
content-encoding: gzip
date: Fri, 17 Feb 2023 09:50:38 GMT
x-azure-ref-originshield: 0XCbqYwAAAADCDc/tLTbAQKZhrzd4jdWsRlJBMjMxMDUwNDE3MDI5ADBiZDM4MmYzLTBlYjMtNGM5Yy1hMWJkLTFlNzU0YzE4NWY0NA==
content-md5: 4jnw6OK+mJDkMQkcH1xuVw==
x-cache: TCP_HIT
content-length: 26389
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 13 Feb 2023 10:01:37 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8DB0DA94B8736BC"
x-azure-ref: 0703vYwAAAABWmcWwwH8ASIMOYT36SEhpRlJBMzFFREdFMDMwNwAwYmQzODJmMy0wZWIzLTRjOWMtYTFiZC0xZTc1NGMxODVmNDQ=
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 12b6059c-401e-000f-27a2-3fafc7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1209600
x-ms-version: 2014-02-14
accept-ranges: bytes

GET
H2 200 bundle.js Show response
cdn.oncehub.com/assets/ Frame 4B6B 1 KB
1 KB 11ms
10ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.oncehub.com/assets/bundle.js

Requested by

Host: go.oncehub.com
URL: https://go.oncehub.com/GeralynGough?dt=&em=1&Lightbox=1&openedThroughBtn=1&Si=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

e8eda340a045bd833c189a540fca6f166b102239c439807055714b68fd7279e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.oncehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=15724800
content-encoding: gzip
date: Fri, 17 Feb 2023 09:50:38 GMT
x-azure-ref-originshield: 0ITbvYwAAAABBGPPIILv2SqY4AWb/4At4RlJBMjMxMDUwNDE4MDUxADBiZDM4MmYzLTBlYjMtNGM5Yy1hMWJkLTFlNzU0YzE4NWY0NA==
content-md5: ooGSWq21AuE0TwYeNfyVfQ==
x-cache: TCP_HIT
content-length: 767
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 13 Feb 2023 10:01:38 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8DB0DA94C404117"
x-azure-ref: 0703vYwAAAAAJhSmGJC8BQrBJraTbsfiBRlJBMzFFREdFMDMwNwAwYmQzODJmMy0wZWIzLTRjOWMtYTFiZC0xZTc1NGMxODVmNDQ=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 36f4226e-901e-000c-63a4-424ea3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=7200
x-ms-version: 2014-02-14
accept-ranges: bytes

GET
H2 200 bundle.a9d4ab59.js Show response
cdn.oncehub.com/assets/versions/ Frame 4B6B 1 MB
208 KB 18ms
17ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.oncehub.com/assets/versions/bundle.a9d4ab59.js

Requested by

Host: go.oncehub.com
URL: https://go.oncehub.com/GeralynGough?dt=&em=1&Lightbox=1&openedThroughBtn=1&Si=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

47a90219b23f844ed3eccf026003b0dd240c29d5d6aeb6c3b953b447ad70df55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.oncehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=15724800
content-encoding: gzip
date: Fri, 17 Feb 2023 09:50:38 GMT
x-azure-ref-originshield: 0nojqYwAAAAB3HX4mlfNJS4Wu2K8FKpLnRlJBMjMxMDUwNDE3MDIzADBiZDM4MmYzLTBlYjMtNGM5Yy1hMWJkLTFlNzU0YzE4NWY0NA==
content-md5: IKUwmmZx1eTDZemrjFhGOg==
x-cache: TCP_HIT
content-length: 212766
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 13 Feb 2023 10:01:38 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8DB0DA94C18736B"
x-azure-ref: 0703vYwAAAAC4QjqAg5ZuQJLgOE49jPZsRlJBMzFFREdFMDMwNwAwYmQzODJmMy0wZWIzLTRjOWMtYTFiZC0xZTc1NGMxODVmNDQ=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0575051d-301e-0058-24a2-3f01f4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=15552000
x-ms-version: 2014-02-14
accept-ranges: bytes

GET
H2 200 bundle.constants.45ed353d.js Show response
cdn.oncehub.com/assets/versions/ Frame 4B6B 153 KB
24 KB 12ms
11ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.oncehub.com/assets/versions/bundle.constants.45ed353d.js

Requested by

Host: go.oncehub.com
URL: https://go.oncehub.com/GeralynGough?dt=&em=1&Lightbox=1&openedThroughBtn=1&Si=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

8d2dd39c56a2f8b79629c92054af844db21c9f73e935c84a0cec1654bd488eb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.oncehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=15724800
content-encoding: gzip
date: Fri, 17 Feb 2023 09:50:38 GMT
x-azure-ref-originshield: 0XCbqYwAAAABhGGjdRPSDRIPa09ZGLqi0RlJBMjMxMDUwNDE4MDIzADBiZDM4MmYzLTBlYjMtNGM5Yy1hMWJkLTFlNzU0YzE4NWY0NA==
content-md5: fl7C7hDuMPCgCUhhZ4okUw==
x-cache: TCP_HIT
content-length: 24618
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 13 Feb 2023 10:01:38 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8DB0DA94C27A495"
x-azure-ref: 0703vYwAAAADekstGC4AFQIRxqIlbYcIDRlJBMzFFREdFMDMwNwAwYmQzODJmMy0wZWIzLTRjOWMtYTFiZC0xZTc1NGMxODVmNDQ=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8ed86dd8-b01e-0024-19a2-3f2f0b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=15552000
x-ms-version: 2014-02-14
accept-ranges: bytes

GET
H2 200 bundle.scss.5b76fd25.js Show response
cdn.oncehub.com/assets/versions/ Frame 4B6B 130 B
475 B 10ms
10ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.oncehub.com/assets/versions/bundle.scss.5b76fd25.js

Requested by

Host: go.oncehub.com
URL: https://go.oncehub.com/GeralynGough?dt=&em=1&Lightbox=1&openedThroughBtn=1&Si=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

dfd278237fe3ddc9bab713334c9e4b38cf87abe5e7d2e240c1a75caa543c91be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.oncehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=15724800
content-encoding: gzip
date: Fri, 17 Feb 2023 09:50:38 GMT
x-azure-ref-originshield: 0XCbqYwAAAACq4mceB/u6RqKl8B2ABJI0RlJBMjMxMDUwNDE3MDUzADBiZDM4MmYzLTBlYjMtNGM5Yy1hMWJkLTFlNzU0YzE4NWY0NA==
content-md5: DpHkvkr7m9nY7TQfmAlrRg==
x-cache: TCP_HIT
content-length: 116
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 13 Feb 2023 10:01:38 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8DB0DA94C253655"
x-azure-ref: 0703vYwAAAADoMcyI4xt+TrN7wved7X9kRlJBMzFFREdFMDMwNwAwYmQzODJmMy0wZWIzLTRjOWMtYTFiZC0xZTc1NGMxODVmNDQ=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 12b605a9-401e-000f-34a2-3fafc7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=15552000
x-ms-version: 2014-02-14
accept-ranges: bytes

GET
H2 200 vendor.cf11cb24.js Show response
cdn.oncehub.com/assets/versions/ Frame 4B6B 1 MB
298 KB 31ms
31ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.oncehub.com/assets/versions/vendor.cf11cb24.js

Requested by

Host: go.oncehub.com
URL: https://go.oncehub.com/GeralynGough?dt=&em=1&Lightbox=1&openedThroughBtn=1&Si=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

dff4436507c4bf122d4d50b893007341d55ba0cad45933b563bb8bd6b11a3f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.oncehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=15724800
content-encoding: gzip
date: Fri, 17 Feb 2023 09:50:38 GMT
x-azure-ref-originshield: 0TBvtYwAAAABXT+Pq83TXRa1uUoyUR4XIRlJBMjMxMDUwNDE3MDUzADBiZDM4MmYzLTBlYjMtNGM5Yy1hMWJkLTFlNzU0YzE4NWY0NA==
content-md5: MXleSwToCPrtYjCYd9nmOQ==
x-cache: TCP_HIT
content-length: 304261
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 13 Feb 2023 10:01:40 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8DB0DA94DAA21A6"
x-azure-ref: 0703vYwAAAAAtK2AFwt25RZTxakJpOozCRlJBMzFFREdFMDMwNwAwYmQzODJmMy0wZWIzLTRjOWMtYTFiZC0xZTc1NGMxODVmNDQ=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7479e500-c01e-004c-3631-41499b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=15552000
x-ms-version: 2014-02-14
accept-ranges: bytes

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 4B6B 49 KB
20 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.oncehub.com
URL: https://cdn.oncehub.com/assets/versions/vendor.cf11cb24.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.oncehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Feb 2023 09:12:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2313
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 17 Feb 2023 11:12:06 GMT

POST
H2 404 GetLandingPageLayout Show response
go.oncehub.com/api/get-data/ Frame 4B6B 66 B
391 B 115ms
115ms XHR
application/json 52.184.200.53
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://go.oncehub.com/api/get-data/GetLandingPageLayout

Requested by

Host: cdn.oncehub.com
URL: https://cdn.oncehub.com/assets/versions/vendor.cf11cb24.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.184.200.53 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d55e089742995ee29af9639784dfb97711bfbe06ea886ce3fb0929f5b901282

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://go.oncehub.com/GeralynGough?dt=&em=1&Lightbox=1&openedThroughBtn=1&Si=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
id: 1676627439380-50153-25416
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 09:50:39 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.oncehub.com
cache-control: no-cache
x-envoy-upstream-service-time: 10
access-control-allow-credentials: true
x-robots-tag: noindex
expires: -1

GET
H2 200 light_ClosedPages.png
cdn.oncehub.com/assets/images/cf/ Frame 4B6B 9 KB
10 KB 11ms
10ms Image
image/png 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.oncehub.com/assets/images/cf/light_ClosedPages.png

Requested by

Host: cdn.oncehub.com
URL: https://cdn.oncehub.com/assets/3.739e8488aa39ef755a40.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

071e1aae62ec74c0c29dff4fbda13e21cff0e8342e6d72fe45f1474485d5de75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.oncehub.com/assets/3.739e8488aa39ef755a40.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=15724800
date: Fri, 17 Feb 2023 09:50:39 GMT
x-azure-ref-originshield: 05THqYwAAAABX9G+9xLRNQa/pScmk9su4RlJBMjMxMDUwNDE3MDQ5ADBiZDM4MmYzLTBlYjMtNGM5Yy1hMWJkLTFlNzU0YzE4NWY0NA==
content-md5: DV+B2taBNbMoSxnsHCjnWg==
x-cache: TCP_HIT
content-length: 9259
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Mon, 13 Feb 2023 10:01:36 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8DB0DA94B08F790"
x-azure-ref: 0703vYwAAAAAiKxnTezRMSJFCHrMitJaQRlJBMzFFREdFMDMwNwAwYmQzODJmMy0wZWIzLTRjOWMtYTFiZC0xZTc1NGMxODVmNDQ=
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 2f4546c1-601e-0027-24a4-3fce6f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=604800
x-ms-version: 2014-02-14
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.gemwealthplanninggroup.com/	1970-01-20 09:43:49	Name: __cf_bm Value: J5fBMxBEgksdEmvieFr_kLGeViADf2XRhPZvB.2Z7So-1676627437-0-ASIGsAHLHFV009mPAjBzkSvq9xOoX6zBteGP4ct19HYZC/t4PlT17Wh7/GRwQPqHegI8V1JIRT+aqerCSHatLB89kDZFwdRJluGq5LfB/OLC
.gemwealthplanninggroup.com/	1970-01-20 19:19:47	Name: _ga Value: GA1.2.896002985.1676627438
.gemwealthplanninggroup.com/	1970-01-20 09:45:13	Name: _gid Value: GA1.2.1248975238.1676627438
.gemwealthplanninggroup.com/	1970-01-20 09:43:47	Name: _gat_gtag_UA_24680519_10 Value: 1
www.gemwealthplanninggroup.com/	1970-01-20 19:19:47	Name: site24x7rumID Value: 3874391095755705.1676627436637.1676627436637
col.site24x7rum.com/	1969-12-31 23:59:59	Name: s247cname Value: 2a47a074-bf67-4ac3-8833-ce310467b4e3

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://go.oncehub.com/api/get-data/GetLandingPageLayout Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.oncehub.com
col.site24x7rum.com
eee6de91b18cd8209213-7a0239a9bc3c5b11e4c7ee9ece842dcd.ssl.cf2.rackcdn.com
fmg-websites-custom.s3.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
go.oncehub.com
pro.riskalyze.com
static.fmgsuite.com
static.site24x7rum.com
stats.g.doubleclick.net
www.gemwealthplanninggroup.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.riskalyze.com
18.66.147.10
2.18.36.141
2600:9000:2394:1600:11:ad6d:cf00:93a1
2606:4700:10::6816:112
2606:4700:10::ac43:47c
2606:4700::6810:45c5
2620:1ec:4e:1::44
2a00:1450:4001:813::2003
2a00:1450:4001:813::2008
2a00:1450:400d:806::200e
2a00:1450:400d:807::2004
2a00:1450:400d:808::2003
2a00:1450:400d:80a::200a
2a00:1450:400d:80c::200a
2a00:1450:4025:402::9b
44.240.3.37
52.184.200.53
52.217.101.220
071e1aae62ec74c0c29dff4fbda13e21cff0e8342e6d72fe45f1474485d5de75
0f8c02f24409745d1c8e204380607b22b7b9c4d004a2baf1b7e3cb16fe9ba464
1c096afc64267ea84189f535ef7ed20d0f222f32f996835bc40f0354dbb68b7d
1d55e089742995ee29af9639784dfb97711bfbe06ea886ce3fb0929f5b901282
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f789186a73abc6439646c2e3eae2e14fc63742ccec771e9ff4472f6e090244f
3100b1c6ddcf660d49e4998bbdff705e353cfba903f04312ec7851f6f257af86
3b0409e5c01b63fbd6810d604df6aee39efe4c8515de140728e33ac3eb9391df
3b9a74787bca928fe340a5211f44e81adb7c99624865772c030ecdfd96f13e1d
46eea03df650c2efbf2b560eef024204bd7477cc7803eebc260f7c894725e6d2
47181851e16a59444c2b7d695a1b13e6724ab8c44646719a2f5486aac45f4a9e
47a90219b23f844ed3eccf026003b0dd240c29d5d6aeb6c3b953b447ad70df55
500823d5030b9e90076d701f96a7f37fdff00f3cec5e264d003c73e20637f631
52d6065110f31f784d0822a2fc85959e2c92e6ad5d6609aeded219a8eb87427e
540a48c10a8bfa58fdf5bba3614e6ca76e483d23bc035602b3844dae4e402996
56d262b4fa9c65ea24fb8754df122565d656413c2728d27ad344a3513c18e7ee
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c5438e974f5f826f3167cf46ec1de0c0909c5b4a97cb4de1829d9d9bafd79f1
5fffd4bc61569c2a5b6d18ef7c23ba8133ce1185044d3bbc47beae172c200025
6723e1927744ccc7f226520debbdf53cb22d052062465095346d58ba6eb0055f
728615983aded105d572d7e1a5edd33ad321c88477ee951a0b41de86104283cd
72ae6194bdbd3e76af1eb5b38f35992afd6762247f85c56e7cddd849f0c0d728
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8d2dd39c56a2f8b79629c92054af844db21c9f73e935c84a0cec1654bd488eb2
95f7c6c2c35aefe6ec32c627f1a734771907b517867736037c1c805f3206e16f
964362fd7e113edc6f34832b645b184160bb47c17af3119cb89071b05d6f1a0d
a25768e046967bee0bc770b13705d0fa884f5a6d48072b01b5820e5745271c28
b31e12ffb0c5622be610050f1a1cc6aae090488bc9e68e68a92ef920b5ed68b5
c45041775931f44fedaa19467bb34dffb002d6fd2c2cbc7d28b2e4ffef3551bd
db83c59ee74e871cbaa10520d325e076c14140d31eb06c2f18080dfe27b3a8b1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfd278237fe3ddc9bab713334c9e4b38cf87abe5e7d2e240c1a75caa543c91be
dff4436507c4bf122d4d50b893007341d55ba0cad45933b563bb8bd6b11a3f9e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8eda340a045bd833c189a540fca6f166b102239c439807055714b68fd7279e1
e92c572fe48977061e02d1291df28e9764aff81ac9bcbbb15be6481a965ec94a
ecb7b8440f3dcfdfddfad69aae6327e7d9ab36b400684b5b1c46e7cf30c7459d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f99f40f84ec3591955082fefe52af96b8d2c4624de5814ae02b129361a99d4d3
fb67e3e8554db868ea13c2cfdde7ae425e934e2053ee0aed23f44f6c5f913619
ffcec73f201bb4b74a10245cb33abea954bef9d3217b141ea695ea386f0df2b4

www.gemwealthplanninggroup.com Open in urlscan Pro 2606:4700::6810:45c5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

46 Requests

98 %HTTPS

72 %IPv6

14 Domains

18 Subdomains

17 IPs

5 Countries

2894 kBTransfer

5717 kBSize

6 Cookies

5 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gemwealthplanninggroup.com Open in urlscan Pro
2606:4700::6810:45c5 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

98 %
HTTPS

72 %
IPv6

14
Domains

18
Subdomains

17
IPs

5
Countries

2894 kB
Transfer

5717 kB
Size

6
Cookies

46 HTTP transactions
0 data transactions