www.midwestheritage.com Open in urlscan Pro
2606:4700:3036::6815:21a4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mhbankfs.com/
Effective URL:
https://www.midwestheritage.com/investments/
Submission: On January 05 via api (January 5th 2024, 1:22:15 am UTC) from US — Scanned from DE

Summary HTTP 80 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 15 domains to perform 80 HTTP transactions. The main IP is 2606:4700:3036::6815:21a4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.midwestheritage.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 23rd 2023. Valid for: a year.

This is the only time www.midwestheritage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.204.149.82 34.204.149.82	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700:303... 2606:4700:3037::6815:13d5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2606:4700:303... 2606:4700:3036::6815:21a4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:211... 2600:9000:211e:3600:18:6c16:27c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	34.107.203.234 34.107.203.234	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
9	34.120.154.120 34.120.154.120	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
80	19

1 34.204.149.82 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-149-82.compute-1.amazonaws.com

mhbankfs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:13d5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.mhbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:3036::6815:21a4 (United States)

ASN13335 (CLOUDFLARENET, US)

www.midwestheritage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:3600:18:6c16:27c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tools.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.203.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.203.107.34.bc.googleusercontent.com

settings.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.120.154.120 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 120.154.120.34.bc.googleusercontent.com

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	midwestheritage.com www.midwestheritage.com	953 KB
16	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 3594 ka-p.fontawesome.com — Cisco Umbrella Rank: 6234	328 KB
13	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 5016 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 5408	370 KB
6	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 5047 va.v.liveperson.net — Cisco Umbrella Rank: 5705	119 KB
4	luckyorange.com tools.luckyorange.com — Cisco Umbrella Rank: 19728 settings.luckyorange.com — Cisco Umbrella Rank: 19412	70 KB
3	google.de www.google.de — Cisco Umbrella Rank: 4002	669 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2014 www.google.com — Cisco Umbrella Rank: 6	822 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 stats.g.doubleclick.net — Cisco Umbrella Rank: 184	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
2	gstatic.com fonts.gstatic.com	66 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	183 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	48 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	1 KB
1	mhbank.com 1 redirects www.mhbank.com	466 B
1	mhbankfs.com 1 redirects mhbankfs.com	239 B
80	15

	Domain	Requested by
20	www.midwestheritage.com	www.midwestheritage.com
14	ka-p.fontawesome.com	kit.fontawesome.com www.midwestheritage.com
9	lpcdn.lpsnmedia.net	lptag.liveperson.net
4	va.v.liveperson.net	lptag.liveperson.net
4	accdn.lpsnmedia.net	lptag.liveperson.net
3	www.google.de	www.midwestheritage.com
2	settings.luckyorange.com	tools.luckyorange.com
2	www.google.com	www.midwestheritage.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	tools.luckyorange.com	www.googletagmanager.com tools.luckyorange.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	lptag.liveperson.net	www.midwestheritage.com
2	www.googletagmanager.com	www.midwestheritage.com www.googletagmanager.com
2	cdn.jsdelivr.net	www.midwestheritage.com
2	kit.fontawesome.com	www.midwestheritage.com kit.fontawesome.com
1	region1.analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	fonts.googleapis.com	www.midwestheritage.com
1	www.mhbank.com	1 redirects
1	mhbankfs.com	1 redirects
80	21

This site contains links to these domains. Also see Links.

Domain
secure.mhbank.com
www.mycardstatement.com
idp.consumercardaccess.com
mhbank.ebanking-services.com
direct2.imagedepositgateway.com
mhbank.fis.verrency-card-services.com
mhbank.goodcoins.io
brokercheck.finra.org
adviserinfo.sec.gov
www.finra.org
www.sipc.org
hy-vee.midwestheritage.com
www.facebook.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.midwestheritage.com Cloudflare Inc ECC CA-3	`2023-08-23` - `2024-08-21`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-02-07` - `2024-02-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
luckyorange.com Amazon RSA 2048 M03	`2023-11-18` - `2024-12-15`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
settings.luckyorange.com R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2023-11-15` - `2024-11-14`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-10-31` - `2024-10-30`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.midwestheritage.com/investments/
Frame ID: 87045A954F83A184A0C8CAE59BF98DC0
Requests: 76 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/core.js?v=2b5b303
Frame ID: 2D0DF1D32E8952BF7834C0CE8E53B7F4
Requests: 3 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.24.1.1-release_5109/storage.secure.min.html?loc=https%3A%2F%2Fwww.midwestheritage.com&site=85467047&env=prod&accdn=accdn.lpsnmedia.net
Frame ID: 2CD5A4EDC570711FBD69CEB8E15F629A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Investment Planning and Services | Midwest Heritage

Page URL History Show full URLs

http://mhbankfs.com/ HTTP 301
https://www.mhbank.com/personal/investments/ HTTP 301
https://www.midwestheritage.com/investments/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

80
Requests

96 %
HTTPS

70 %
IPv6

15
Domains

21
Subdomains

19
IPs

3
Countries

2194 kB
Transfer

5673 kB
Size

11
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.mhbank.com/mhbankonlinebanking/uux.aspx#/login
Title: Login

Search URL Search Domain Scan URL

URL: https://www.mycardstatement.com/#/
Title: Login

Search URL Search Domain Scan URL

URL: https://idp.consumercardaccess.com/main/mhbankpayroll/
Title: Login

Search URL Search Domain Scan URL

URL: https://mhbank.ebanking-services.com/eAM/Credential/Index?appId=beb&brand=mhbank
Title: Login

Search URL Search Domain Scan URL

URL: https://direct2.imagedepositgateway.com/merchant/0028/
Title: Login

Search URL Search Domain Scan URL

URL: https://mhbank.fis.verrency-card-services.com/login
Title: Login

Search URL Search Domain Scan URL

URL: https://mhbank.goodcoins.io/
Title: Login

Search URL Search Domain Scan URL

URL: https://secure.mhbank.com/mhbankonlinebanking/sdk/AutoEnrollmentE2E
Title: Enroll Now

Search URL Search Domain Scan URL

URL: https://brokercheck.finra.org/
Title: Learn More

Search URL Search Domain Scan URL

URL: https://adviserinfo.sec.gov/firm/summary/306308
Title: FORM ADV PARTS 1, 2, 2BS, AND 3 (FORM CRS)

Search URL Search Domain Scan URL

URL: https://www.finra.org/#/
Title: FINRA

Search URL Search Domain Scan URL

URL: https://www.sipc.org/
Title: SIPC

Search URL Search Domain Scan URL

URL: https://hy-vee.midwestheritage.com/
Title: Hy-Vee Employees

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mhbank/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/midwest-heritage-bank

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mhbankfs.com/ HTTP 301
https://www.mhbank.com/personal/investments/ HTTP 301
https://www.midwestheritage.com/investments/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

80 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.midwestheritage.com/investments/
Redirect Chain

http://mhbankfs.com/
https://www.mhbank.com/personal/investments/
https://www.midwestheritage.com/investments/

103 KB
19 KB

241ms
179ms

Document
text/html

2606:4700:3036::6815:21a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.midwestheritage.com/investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:21a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: f2175d6ad4f8714e196b680e68a42b088009c164e45e5de861cb0c3fe3e41f49

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8407e899be8bb956-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 05 Jan 2024 01:22:09 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://www.midwestheritage.com/wp-json/>; rel="https://api.w.org/" <https://www.midwestheritage.com/wp-json/wp/v2/pages/473>; rel="alternate"; type="application/json" <https://www.midwestheritage.com/?p=473>; rel=shortlink
pragma: no-cache
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: SHORT
x-orig-cache-control: no-store, no-cache, must-revalidate
x-powered-by: WP Engine

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 8407e8992e8a2294-CDG
date: Fri, 05 Jan 2024 01:22:09 GMT
expires: Fri, 05 Jan 2024 02:22:09 GMT
location: https://www.midwestheritage.com/investments/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xu4CyhYdIJ%2BGFrdgYX2bhoPM0i2tTTT%2Bz18uklPCQ3f7JCsZyx01Wgu%2B0DlUZ5j0Dj6DqSqoveaYJV9w2VQrtNyuq2rsQ16OKmDcpyuhvMbKpN9uV8HSaZILuEHn9GsOyEXBTr8e5ClMvfj8nw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 211a5cebdd.js Show response
kit.fontawesome.com/ 12 KB
5 KB 168ms
149ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/211a5cebdd.js
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb6c867b010f89d017842dbc3653fadde05f956aa211fce8b4dd64109e2f31c8

Request headers

Referer: https://www.midwestheritage.com/
Origin: https://www.midwestheritage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:09 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 8407e89aed309201-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F6dO5RduZM9OSxLTJPah

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
24 KB 38ms
20ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.midwestheritage.com/
Origin: https://www.midwestheritage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3188437
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230088-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sa%2FVgLjx8KdJW0BrA56Fyyv4hie%2BimQH9vjcN9vTkYZdruyy7rUB6qjbFSKPvDwr3%2BTfD7XpCE3psQFGD5S5NaWTPoPnDIf5urr9J4brNTa7DDFhfaRWQ81FmNCS4IMjumkmKUt1n86dgA2a5rI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8407e89ae9dcbbc2-FRA

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 77 KB
23 KB 36ms
18ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

Requested by

Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.midwestheritage.com/
Origin: https://www.midwestheritage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4664108
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=widma7EwD1CGlwt7T7Zb0AsqHCWY4FbqO2whqTWJggV79qqQdPWzi5YxoAsTexLpJKeFwyk0gxkfJJmHWvqO8%2BtLUITRa11jpXkch5BxBqiUtC%2FhtYz7off6CflvBvOEVW2eaj%2BCK6bK%2Fsw%2FkkM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8407e89ae9ddbbc2-FRA

GET
H2 200 style.min.css
www.midwestheritage.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 307ms
304ms Stylesheet
text/css 2606:4700:3036::6815:21a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.midwestheritage.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:21a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Jul 2023 11:13:55 GMT
server: cloudflare
etag: W/"64b7c573-19824"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8407e89adf88b956-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
www.midwestheritage.com/wp-content/uploads/maxmegamenu/ 66 KB
6 KB 298ms
296ms Stylesheet
text/css 2606:4700:3036::6815:21a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.midwestheritage.com/wp-content/uploads/maxmegamenu/style.css?ver=485f11
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:21a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28f148c3961f2e8ab6210dded332b64f0e62bb85f6ed61b316c6e53fa05fc6ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 16:11:12 GMT
server: cloudflare
etag: W/"650876a0-10713"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8407e89adf89b956-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 dashicons.min.css
www.midwestheritage.com/wp-includes/css/ 58 KB
35 KB 219ms
217ms Stylesheet
text/css 2606:4700:3036::6815:21a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.midwestheritage.com/wp-includes/css/dashicons.min.css?ver=6.3.2
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:21a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
server: cloudflare
etag: W/"603ffca6-e688"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8407e89adf8ab956-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
www.midwestheritage.com/wp-content/themes/midwest-heritage-23/ 331 KB
48 KB 315ms
314ms Stylesheet
text/css 2606:4700:3036::6815:21a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.midwestheritage.com/wp-content/themes/midwest-heritage-23/style.css?ver=3390106950
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:21a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ada46c17fdb1252dd291cd7b513e5d05a42fa2641905c527d72731c0a93967b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 16:11:15 GMT
server: cloudflare
etag: W/"650876a3-52d2a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8407e89adf8bb956-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.min.css
www.midwestheritage.com/wp-content/themes/midwest-heritage-23/bootstrap/css/ 141 KB
21 KB 462ms
461ms Stylesheet
text/css 2606:4700:3036::6815:21a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.midwestheritage.com/wp-content/themes/midwest-heritage-23/bootstrap/css/bootstrap.min.css?ver=6.3.2
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:21a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 16:11:36 GMT
server: cloudflare
etag: W/"650876b8-235ed"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8407e89adf8cb956-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
www.midwestheritage.com/wp-includes/js/jquery/ 85 KB
31 KB 272ms
271ms Script
application/javascript 2606:4700:3036::6815:21a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.midwestheritage.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:21a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 26 May 2023 11:33:35 GMT
server: cloudflare
etag: W/"6470990f-155ba"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8407e89adf8eb956-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
www.midwestheritage.com/wp-includes/js/jquery/ 13 KB
5 KB 256ms
255ms Script
application/javascript 2606:4700:3036::6815:21a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.midwestheritage.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:21a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: cloudflare
etag: W/"6482bd64-3509"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8407e89adf90b956-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.bundle.min.js Show response
www.midwestheritage.com/wp-content/themes/midwest-heritage-23/bootstrap/js/ 66 KB
19 KB 459ms
458ms Script
application/javascript 2606:4700:3036::6815:21a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.midwestheritage.com/wp-content/themes/midwest-heritage-23/bootstrap/js/bootstrap.bundle.min.js?ver=6.3.2
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:21a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb3d017273ed487674d9766d8401cf458228596adcc0c3a6024f44ae715090db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 16:11:35 GMT
server: cloudflare
etag: W/"650876b7-1089e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8407e89adf92b956-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 MWH-logo-HR-new2x.2-1.png
www.midwestheritage.com/wp-content/uploads/2023/03/ 38 KB
38 KB 455ms
454ms Image
image/png 2606:4700:3036::6815:21a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.midwestheritage.com/wp-content/uploads/2023/03/MWH-logo-HR-new2x.2-1.png
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:21a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 146578e0a396722f0cb1f9593fde7f3238fce024a4554fb11cb1fee2ff670b67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 16:11:14 GMT
server: cloudflare
etag: "650876a2-97de"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8407e89adf93b956-AMS
alt-svc: h3=":443"; ma=86400
content-length: 38878

GET
H2 200 email-decode.min.js Show response
www.midwestheritage.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
851 B 21ms
20ms Script
application/javascript 2606:4700:3036::6815:21a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.midwestheritage.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:21a4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
server: cloudflare
etag: W/"6581a422-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8407e89adf94b956-AMS
expires: Sun, 07 Jan 2024 01:22:09 GMT

GET
H3 200 navigation.js Show response
www.midwestheritage.com/wp-content/themes/midwest-heritage-23/js/ 3 KB
1 KB 277ms
276ms Script
application/javascript 2606:4700:3036::6815:21a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.midwestheritage.com/wp-content/themes/midwest-heritage-23/js/navigation.js?ver=3390106950
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:21a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ee0654259fda0bbfeab4305b895e740659613080d90352bd36c1452fd426ef6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 16:11:35 GMT
server: cloudflare
etag: W/"650876b7-ba4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8407e89afd8eb92c-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 main-min.js Show response
www.midwestheritage.com/wp-content/themes/midwest-heritage-23/resources/js/ 5 KB
1 KB 24ms
24ms Script
application/javascript 2606:4700:3036::6815:21a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.midwestheritage.com/wp-content/themes/midwest-heritage-23/resources/js/main-min.js?ver=3390106950
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:21a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 842f1cd528ab5c5524c3823905278316eb5fdac0b18fcfa12a191c322acfda5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 16:11:15 GMT
server: cloudflare
age: 30854
etag: W/"650876a3-135b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8407e89cbedfb92c-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 hoverIntent.min.js Show response
www.midwestheritage.com/wp-includes/js/ 1 KB
918 B 27ms
27ms Script
application/javascript 2606:4700:3036::6815:21a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.midwestheritage.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:21a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: cloudflare
age: 30853
etag: W/"625095f6-5db"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8407e89cef0bb92c-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 maxmegamenu.js Show response
www.midwestheritage.com/wp-content/plugins/megamenu/js/ 33 KB
6 KB 26ms
26ms Script
application/javascript 2606:4700:3036::6815:21a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.midwestheritage.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.3
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:21a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e3f6d684bc0bfb692c53c3cb8ee62abfad2879fe3c0efd72de864d21e914187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 03:47:38 GMT
server: cloudflare
age: 30853
etag: W/"6581125a-828b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8407e89d1f2bb92c-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 262 KB
91 KB 49ms
28ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-ML6956

Requested by

Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0831143ed63ec069cad8368fa60db36bd3168438d3ce5f6572daea50d9f49a72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92600
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Jan 2024 01:22:10 GMT

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 26 KB
10 KB 123ms
18ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=85467047

Requested by

Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

9bc49e2d077ff3ee73f6c2ea5275a53bd78c3815f98f67ff06a1e48b43f28d9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 26 Sep 2023 18:59:22 GMT
server: ws
etag: "65132a0a-2494"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 9364

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 669 KB
117 KB 766ms
765ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=211a5cebdd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/211a5cebdd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
etag: "6568c5a0-1d52d"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8407e89bed869201-FRA
content-length: 120109

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 27 KB
4 KB 522ms
521ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v4-shims.min.css?token=211a5cebdd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/211a5cebdd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b3cf99ce39e5fc49169454f5639b5341dba747f16e3d01a5b9ebf50792e9a1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
etag: "6568c59f-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8407e89bed859201-FRA
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 50 KB
7 KB 515ms
514ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v5-font-face.min.css?token=211a5cebdd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/211a5cebdd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
etag: "6568c5a0-1c12"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8407e89bed879201-FRA
content-length: 7186

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 7 KB
2 KB 458ms
457ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v4-font-face.min.css?token=211a5cebdd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/211a5cebdd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58f2ed3e8753b14d9456de59f7a58f5089c81d1ce6691d80bbd4e58f145ffd2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
etag: "6568c59f-6c5"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8407e89bed839201-FRA
content-length: 1733

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/211a5cebdd/85698314/ 0
152 B 131ms
130ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/211a5cebdd/85698314/kit-upload.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/211a5cebdd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
cf-cache-status: MISS
server: cloudflare
etag: 54af53b207eef226d6511e0a88e3038e
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges: bytes
cf-ray: 8407e89bdd829201-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
content-length: 0
x-request-id: F6dO5R91pztmp-MWT6RD

GET
BLOB 200
OK a9073ff0-8fa5-49d9-86ee-28feb7f49e3f
https://www.midwestheritage.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.midwestheritage.com/a9073ff0-8fa5-49d9-86ee-28feb7f49e3f
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 css2
fonts.googleapis.com/ 32 KB
1 KB 39ms
18ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/wp-content/themes/midwest-heritage-23/style.css?ver=3390106950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff9a2be960794ffc4738368eeec7262cd5bf70316287f8d2f0c3790170cf1277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Jan 2024 01:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:39:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Jan 2024 01:22:10 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.midwestheritage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 16:03:03 GMT
x-content-type-options: nosniff
age: 292747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 16:03:03 GMT

GET
H3 200 header-personal-invest-main-page-1-scaled.jpg
www.midwestheritage.com/wp-content/uploads/2023/04/ 242 KB
242 KB 616ms
616ms Image
image/jpeg 2606:4700:3036::6815:21a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.midwestheritage.com/wp-content/uploads/2023/04/header-personal-invest-main-page-1-scaled.jpg
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:21a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ac7af655b0e4988a883c7ea1d77eceb1e5877d811e57fdfd2f673566ab19245

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 16:11:14 GMT
server: cloudflare
etag: "650876a2-3c644"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8407e89defddb92c-AMS
alt-svc: h3=":443"; ma=86400
content-length: 247364

GET
H3 200 Resource_Center_image-opt.png
www.midwestheritage.com/wp-content/themes/midwest-heritage-23/resources/images/ 360 KB
361 KB 297ms
296ms Image
image/png 2606:4700:3036::6815:21a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.midwestheritage.com/wp-content/themes/midwest-heritage-23/resources/images/Resource_Center_image-opt.png
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/wp-content/themes/midwest-heritage-23/style.css?ver=3390106950
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:21a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1961c0240bc5c2c39cf6188f85c6d267573bd6e135dca9119aba57e59b893a7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/wp-content/themes/midwest-heritage-23/style.css?ver=3390106950
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 16:11:15 GMT
server: cloudflare
etag: "650876a3-5a186"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8407e89defdfb92c-AMS
alt-svc: h3=":443"; ma=86400
content-length: 369030

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin: https://www.midwestheritage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ 33 KB
34 KB 24ms
14ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.midwestheritage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 21:22:30 GMT
x-content-type-options: nosniff
age: 273580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34288
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 21:22:30 GMT

GET
H3 200 BrokerCheck.png
www.midwestheritage.com/wp-content/uploads/2023/03/ 20 KB
20 KB 318ms
317ms Image
image/png 2606:4700:3036::6815:21a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.midwestheritage.com/wp-content/uploads/2023/03/BrokerCheck.png
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:21a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d68c42f02b2cbac6a9ffda93310d8227d1907edb665d8f1f165f4a6d9e1c5c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 16:11:14 GMT
server: cloudflare
etag: "650876a2-4fba"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8407e89e0ff2b92c-AMS
alt-svc: h3=":443"; ma=86400
content-length: 20410

GET
H3 200 Insurance-Partners-Website-1.png
www.midwestheritage.com/wp-content/uploads/2023/10/ 80 KB
80 KB 239ms
239ms Image
image/png 2606:4700:3036::6815:21a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.midwestheritage.com/wp-content/uploads/2023/10/Insurance-Partners-Website-1.png
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:21a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8873b9a52a93cab7b9b8c6bd24b9535edc8cd0c0e4a9938c2192637c2b00bb87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
cf-cache-status: MISS
last-modified: Tue, 24 Oct 2023 17:44:05 GMT
server: cloudflare
etag: "65380265-13fc4"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8407e89e0ff4b92c-AMS
alt-svc: h3=":443"; ma=86400
content-length: 81860

GET
H3 200 wp-emoji-release.min.js Show response
www.midwestheritage.com/wp-includes/js/ 18 KB
5 KB 41ms
41ms Script
application/javascript 2606:4700:3036::6815:21a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.midwestheritage.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:21a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: cloudflare
age: 41784
etag: W/"63db0985-4904"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8407e89e0ff6b92c-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
92 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HX2TBTCBEV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML6956

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce7a11cfa6a6b121131449f8e8b1757fdcc9b00e6a186152084a794f50a4a76c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94372
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 Jan 2024 01:22:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML6956

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 04 Jan 2024 23:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5633
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 05 Jan 2024 01:48:17 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/956694839/ 3 KB
2 KB 56ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956694839/?random=1704417730278&cv=11&fst=1704417730278&bg=ffffff&guid=ON&async=1&gtm=45He4130v71975901&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.midwestheritage.com%2Finvestments%2F&hn=www.googleadservices.com&frm=0&tiba=Investment%20Planning%20and%20Services%20%7C%20Midwest%20Heritage&auid=1685872024.1704417730&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML6956

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98e9abce2b5650bf68929508f55bccd373a91529a0b59b82fef59f53a6247857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 01:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1269
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lo.js Show response
tools.luckyorange.com/core/ 12 KB
5 KB 57ms
6ms Script
text/javascript 2600:9000:211e:3600:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/lo.js?site-id=0f144ee0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML6956
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3600:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f24a06411c8df5fe23242f307ed344660d896add1790cde721b5feaa7f90179b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 00:47:12 GMT
content-encoding: gzip
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 2099
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4482
last-modified: Wed, 20 Dec 2023 19:47:06 GMT
server: AmazonS3
etag: "649bdfde482a661912ac351002312946"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: M_YhHNaIrf2HJEw_OSvo6Lkd0rzSCdiVMsoTdDnhrEd_zCo5e7YOOA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
214 B 15ms
14ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1604729486&t=pageview&_s=1&dl=https%3A%2F%2Fwww.midwestheritage.com%2Finvestments%2F&ul=en-us&de=UTF-8&dt=Investment%20Planning%20and%20Services%20%7C%20Midwest%20Heritage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAABAAAAAC~&jid=702906733&gjid=1588774821&cid=1088400081.1704417730&tid=UA-28493477-1&_gid=1476430277.1704417730&_slc=1&gtm=45He4130n71ML6956v71975901&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=340496935

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.midwestheritage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 01:22:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.midwestheritage.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
355 B 58ms
20ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-28493477-1&cid=1088400081.1704417730&jid=702906733&gjid=1588774821&_gid=1476430277.1704417730&_u=YGBAgAABAAAAAG~&z=15049455

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.midwestheritage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 05 Jan 2024 01:22:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.midwestheritage.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
260 B 35ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-HX2TBTCBEV&gtm=45je4130v872308060z871975901&_p=1704417729743&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1088400081.1704417730&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704417730&sct=1&seg=0&dl=https%3A%2F%2Fwww.midwestheritage.com%2Finvestments%2F&dt=Investment%20Planning%20and%20Services%20%7C%20Midwest%20Heritage&en=page_view&_fv=1&_ss=1&tfd=1265
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HX2TBTCBEV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 01:22:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.midwestheritage.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 39ms
21ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HX2TBTCBEV&cid=1088400081.1704417730&gtm=45je4130v872308060z871975901&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HX2TBTCBEV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 01:22:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.midwestheritage.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 39ms
18ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HX2TBTCBEV&cid=1088400081.1704417730&gtm=45je4130v872308060z871975901&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=48867428

Requested by

Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 01:22:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/956694839/ 42 B
455 B 40ms
20ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/956694839/?random=1704417730278&cv=11&fst=1704416400000&bg=ffffff&guid=ON&async=1&gtm=45He4130v71975901&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.midwestheritage.com%2Finvestments%2F&frm=0&tiba=Investment%20Planning%20and%20Services%20%7C%20Midwest%20Heritage&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_URqeg5aQLbcY-RxWU6aythk84CSqgg&random=3297987330&rmt_tld=0&ipr=y

Requested by

Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 01:22:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/956694839/ 42 B
154 B 36ms
20ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/956694839/?random=1704417730278&cv=11&fst=1704416400000&bg=ffffff&guid=ON&async=1&gtm=45He4130v71975901&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.midwestheritage.com%2Finvestments%2F&frm=0&tiba=Investment%20Planning%20and%20Services%20%7C%20Midwest%20Heritage&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_URqeg5aQLbcY-RxWU6aythk84CSqgg&random=3297987330&rmt_tld=1&ipr=y

Requested by

Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 01:22:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0f144ee0 Show response
settings.luckyorange.com/ 4 KB
2 KB 120ms
120ms Fetch
application/json 34.107.203.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/0f144ee0
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=0f144ee0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 2ea92170c3ea4b830f643fa2e839e3ab0b2425dd241b58473050268f1d7fde8f

Request headers

Referer: https://www.midwestheritage.com/
accept-language: de-DE,de;q=0.9
x-lucky-uid: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
x-lucky-referrer

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.midwestheritage.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 0f144ee0
settings.luckyorange.com/ Frame 0
0 149ms
119ms Preflight 34.107.203.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/0f144ee0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method: GET
Origin: https://www.midwestheritage.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.midwestheritage.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 05 Jan 2024 01:22:10 GMT
via: 1.1 google

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/ 302 KB
105 KB 40ms
39ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Requested by

Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

3a01ad533896114653bb8e08e46793d86c9ad065bdba76118523a95070532f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: MISS
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-28493477-1&cid=1088400081.1704417730&jid=702906733&_u=YGBAgAABAAAAAG~&z=536787331

Requested by

Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 01:22:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-28493477-1&cid=1088400081.1704417730&jid=702906733&_u=YGBAgAABAAAAAG~&z=536787331

Requested by

Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 01:22:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/85467047/configuration/setting/accountproperties/ 7 KB
3 KB 190ms
51ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/85467047/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

a3971cd06a4a896b34c7cb8a2615e2d567f4f89ca37a40bc5adf095ae266d69e

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 05 Jan 2024 01:23:10 GMT

GET
H2 200 ui-framework.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.32.2.0-release_5650/ 40 KB
12 KB 38ms
16ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.32.2.0-release_5650/ui-framework.js?version=10.32.2.0-release_5650
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 06:13:58 GMT
content-encoding: br
age: 500892
x-guploader-uploadid: ABPtcPpQSvXNjpycmnp0dWvl-MmTCdlTMBV59dVL_Oxrmij5HEguCMDElA4Wcp3BuBG0dNedoUVr9ZTCbQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12484
last-modified: Sat, 30 Dec 2023 06:01:24 GMT
server: UploadServer
etag: W/"0dfc7fa7d2051d776d5937b7a3a7c4dd"
vary: Accept-Encoding
x-goog-generation: 1703916084670149
x-goog-hash: crc32c=wefPQw==, md5=Dfx/p9IFHXdtWTe3o6fE3Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 40455
accept-ranges: none
content-type: application/javascript

GET
H2 200 UMSClientAPI.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.32.2.0-release_5650/ 92 KB
25 KB 39ms
18ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.32.2.0-release_5650/UMSClientAPI.min.js?version=10.32.2.0-release_5650
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0147f47c377f527213ad86617cd97003a1652f09a8297b40c71909a047773f3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 06:13:58 GMT
content-encoding: br
age: 500892
x-guploader-uploadid: ABPtcPrzDfODEhDbg8GJXTYHRNZJlmXQg31vCD3eOa3JfhSFpLOCL9oKciQBxtornOg4thW03ttKGEHOvA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25681
last-modified: Sat, 30 Dec 2023 06:01:24 GMT
server: UploadServer
etag: W/"7fb4974247d2a2e8ce75a3aefb112fa9"
vary: Accept-Encoding
x-goog-generation: 1703916084262268
x-goog-hash: crc32c=4R09mA==, md5=f7SXQkfSoujOdaOu+xEvqQ==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 93785
accept-ranges: none
content-type: application/javascript

GET
H2 200 lpChatV3.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.32.2.0-release_5650/ 92 KB
26 KB 30ms
9ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.32.2.0-release_5650/lpChatV3.min.js?version=10.32.2.0-release_5650
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b151e0b00168160cb1ab2d58d07a13b36fdb791298c803f150be651ba6dc9e6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 06:13:58 GMT
content-encoding: br
age: 500892
x-guploader-uploadid: ABPtcPrnituS-uctWKDNcEr_NShqBt8lNtgVgl_21CRZPjzM6l1OKTLWQGaIDqCvzT80aCTNMwnSUgquxg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26358
last-modified: Sat, 30 Dec 2023 06:01:24 GMT
server: UploadServer
etag: W/"2f7386d51b65bcdb473a083b0135def5"
vary: Accept-Encoding
x-goog-generation: 1703916084268849
x-goog-hash: crc32c=FYDoIQ==, md5=L3OG1RtlvNtHOgg7ATXe9Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 94128
accept-ranges: none
content-type: application/javascript

GET
H2 200 surveylogicinstance.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.32.2.0-release_5650/ 8 KB
3 KB 36ms
15ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.32.2.0-release_5650/surveylogicinstance.min.js?version=10.32.2.0-release_5650
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 06:13:58 GMT
content-encoding: br
age: 500892
x-guploader-uploadid: ABPtcPq2_wctm380Kg3MOdlkDqVy3xsZZmIfi0C1WFgYb5u6_qMmiYWRTFmJQsO5473vLUxeOmkdxIn9gg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2377
last-modified: Sat, 30 Dec 2023 06:01:24 GMT
server: UploadServer
etag: W/"d53092c1d6e0a7a3d1bb802c67a6e1e9"
vary: Accept-Encoding
x-goog-generation: 1703916084773671
x-goog-hash: crc32c=GIGCsg==, md5=1TCSwdbgp6PRu4AsZ6bh6Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 7866
accept-ranges: none
content-type: application/javascript

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/85467047/configuration/le-campaigns/ 5 KB
2 KB 169ms
33ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/85467047/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

358358eb6a3f47f1a6a5b2623d583e3eb2364c8632fff70c20b1b8f5e3a2bb8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 05 Jan 2024 01:23:10 GMT

GET
H2 200 85467047 Show response
va.v.liveperson.net/api/js/ 244 B
1 KB 578ms
227ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/85467047?&cb=lpCb63372x46972&t=sp&ts=1704417730441&pid=5636214505&tid=5286605445&pt=Investment%20Planning%20and%20Services%20%7C%20Midwest%20Heritage&u=https%3A%2F%2Fwww.midwestheritage.com%2Finvestments%2F&df=0&os=0

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

cc0318935e07f4775b088ce7c4017c8fd4b3bdf4ddf2626df5574dd76e119aeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 desktopEmbedded.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.32.2.0-release_5650/ 1 MB
252 KB 8ms
8ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.32.2.0-release_5650/desktopEmbedded.js?version=10.32.2.0-release_5650
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c146d67ad0d9eb06da284723307d32fed122b88f93653dbd80288f557b9d6d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 06:13:58 GMT
content-encoding: br
age: 500892
x-guploader-uploadid: ABPtcPr-JCGlBfqPWKC2QOP1f1Zgl4ck_zQnWnF2fm8qOyFLJFMSu9e1sRDZSyMUVXc-esqFPcwx00tPfg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258029
last-modified: Sat, 30 Dec 2023 06:01:25 GMT
server: UploadServer
etag: W/"c5c74c8ae4f46ff45c97cec988bb4522"
vary: Accept-Encoding
x-goog-generation: 1703916084964599
x-goog-hash: crc32c=EhmyCw==, md5=xcdMiuT0b/Rcl87JiLtFIg==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1065466
accept-ranges: none
content-type: application/javascript

GET
H2 200 core.js Show response
tools.luckyorange.com/core/ Frame 2D0D 211 KB
64 KB 26ms
11ms Script
text/javascript 2600:9000:211e:3600:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/core.js?v=2b5b303
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=0f144ee0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3600:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6352462047da04fef0c9e83236e414c6e39f4667a608f04285d7e54f0362bd10

Request headers

Referer
Origin: https://www.midwestheritage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 16:18:10 GMT
content-encoding: gzip
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 291841
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 64954
last-modified: Wed, 20 Dec 2023 19:47:07 GMT
server: AmazonS3
etag: "1a31b8dca406772125381b2c516e2084"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: TZL-VvynkKIfzx0nLs9kyHXhkcqZdWXCRdyPxuCdSBlZ3ktWtJ9jFw==

GET
H3 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.24.1.1-release_5109/ Frame 2CD5 46 KB
16 KB 8ms
8ms Document
text/html 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.24.1.1-release_5109/storage.secure.min.html?loc=https%3A%2F%2Fwww.midwestheritage.com&site=85467047&env=prod&accdn=accdn.lpsnmedia.net
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 937c84900267b6b690579cf739922558dd457ab8de64ce9fec84656ab9e023b1

Request headers

Referer: https://www.midwestheritage.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
age: 501388
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 15842
content-type: text/html
date: Sat, 30 Dec 2023 06:05:42 GMT
etag: W/"df1d42d31c469ec02a2cebf62bf3b3ed"
last-modified: Sat, 30 Dec 2023 06:02:39 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1703916159029164
x-goog-hash: crc32c=L4KvmQ== md5=3x1C0xxGnsAqLOv2K/Oz7Q==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 47040
x-guploader-uploadid: ABPtcPoP55vSMx5W_etRB2oYJIRkck--Hu1jPyLuX3_OdeWTWBvfW79kRHLyQ0nWs4JffsO40nZS9hPPDw

GET
H3 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.24.1.1-release_5109/ 42 KB
14 KB 7ms
7ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.24.1.1-release_5109/storage.secure.min.js?loc=https%3A%2F%2Fwww.midwestheritage.com&site=85467047&force=1&env=prod&accdn=accdn.lpsnmedia.net
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2ab1e281688cea38d92cdb1a2c32380ae3235cf244ab92613b9ece9630bec959

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 06:13:59 GMT
content-encoding: br
age: 500891
x-guploader-uploadid: ABPtcPoRXZtFNo4s5ZimaEZPAbwrjYcpGa210GOvqv2NEBYujrIVd7gvUwbMtOBuSRf7DtUD7EKYpcvM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14703
last-modified: Sat, 30 Dec 2023 06:02:39 GMT
server: UploadServer
etag: W/"1a38def650f58d0267c1a7b9c8b6dae5"
vary: Accept-Encoding
x-goog-generation: 1703916159036838
x-goog-hash: crc32c=mznx8w==, md5=Gjje9lD1jQJnwae5yLba5Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 43279
accept-ranges: none
content-type: application/javascript

GET
H2 200 pro-fa-solid-900-0.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 12 KB
12 KB 467ms
467ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-solid-900-0.woff2
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca4dbd73acdbca407bee1704d3a11d396de341d74dbc08bb028b36b7626ea4d

Request headers

Referer: https://www.midwestheritage.com/
Origin: https://www.midwestheritage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:11 GMT
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 17:53:38 GMT
server: cloudflare
etag: "6568cc22-2ee0"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8407e8a1af799201-FRA
content-length: 12000

GET
H2 200 pro-fa-solid-900-12.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 13 KB
14 KB 129ms
129ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-solid-900-12.woff2
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aae83ca0e34e5fef9bebf88ca4edfdf495e4927bbd583d1f05ff101c9421d4c

Request headers

Referer: https://www.midwestheritage.com/
Origin: https://www.midwestheritage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 17:53:38 GMT
server: cloudflare
etag: "6568cc22-35f8"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8407e8a1af7a9201-FRA
content-length: 13816

GET
H2 200 pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 38 KB
38 KB 566ms
565ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-brands-400-0.woff2
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70356aaad8b043112594064fea69694e5af4f17b6af4d4836b184735afe24c56

Request headers

Referer: https://www.midwestheritage.com/
Origin: https://www.midwestheritage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:11 GMT
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 17:53:28 GMT
server: cloudflare
etag: "6568cc18-9620"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8407e8a1af7d9201-FRA
content-length: 38432

GET
H2 200 pro-fa-light-300-1.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 18 KB
18 KB 560ms
559ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-light-300-1.woff2
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8d8603e5e751094f2a2bf74cf55e58f8d8499d2580a1c93d21990360f4d8aef

Request headers

Referer: https://www.midwestheritage.com/
Origin: https://www.midwestheritage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:11 GMT
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 17:53:30 GMT
server: cloudflare
etag: "6568cc1a-4674"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8407e8a1bf7e9201-FRA
content-length: 18036

GET
H2 200 pro-fa-light-300-0.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 15 KB
15 KB 568ms
568ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-light-300-0.woff2
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1de56f381e531b3d1db5536db44e0815f1667a26a661101a8a51c62f2053a30

Request headers

Referer: https://www.midwestheritage.com/
Origin: https://www.midwestheritage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:11 GMT
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 17:53:30 GMT
server: cloudflare
etag: "6568cc1a-3c2c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8407e8a1bf7f9201-FRA
content-length: 15404

GET
H2 200 pro-fa-sharp-light-300-14.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 15 KB
15 KB 647ms
646ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-sharp-light-300-14.woff2
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fa4466d1ac671a371e47dd65f4f7f2cfdd94865bfdb1eb3bb7128e8add8e653

Request headers

Referer: https://www.midwestheritage.com/
Origin: https://www.midwestheritage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:11 GMT
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 17:53:33 GMT
server: cloudflare
etag: "6568cc1d-3ab0"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8407e8a1bf809201-FRA
content-length: 15024

GET
H2 200 pro-fa-solid-900-13.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 14 KB
14 KB 17ms
17ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-solid-900-13.woff2
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec1941ce9e7878f195767288346eb2821e3af0e25652c0233411ff6acf2810ad

Request headers

Referer: https://www.midwestheritage.com/
Origin: https://www.midwestheritage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:38 GMT
server: cloudflare
age: 951001
etag: "6568cc22-3688"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8407e8a1bf819201-FRA
content-length: 13960

GET
H2 200 pro-fa-light-300-21.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 26 KB
26 KB 638ms
636ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-light-300-21.woff2
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41d6af12d2ea5381ab219aac54ee8e4e5acf40e592d4563f37c596b70cbb851c

Request headers

Referer: https://www.midwestheritage.com/
Origin: https://www.midwestheritage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:11 GMT
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 17:53:31 GMT
server: cloudflare
etag: "6568cc1b-6720"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8407e8a1bf849201-FRA
content-length: 26400

GET
H2 200 pro-fa-light-300-12.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 17 KB
17 KB 577ms
575ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-light-300-12.woff2
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e2ddc45e7c1e7bd7bf60dfac89f113ce34c85e53e350a3e64ccfae1411f4e39

Request headers

Referer: https://www.midwestheritage.com/
Origin: https://www.midwestheritage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:11 GMT
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 17:53:30 GMT
server: cloudflare
etag: "6568cc1a-4358"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8407e8a1bf859201-FRA
content-length: 17240

GET
H2 200 pro-fa-light-300-5.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 25 KB
25 KB 133ms
131ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-light-300-5.woff2
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 559850ae38b9f8b1aa37df210217d721f1d7ae219de91fb272d0fa3c5fc84003

Request headers

Referer: https://www.midwestheritage.com/
Origin: https://www.midwestheritage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:10 GMT
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 17:53:31 GMT
server: cloudflare
etag: "6568cc1b-62e4"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8407e8a1bf869201-FRA
content-length: 25316

GET
BLOB 200
OK ce6dfe62-3a87-4db3-ad0c-45f55ac6f9c1
https://www.midwestheritage.com/ Frame 2D0D 0
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.midwestheritage.com/ce6dfe62-3a87-4db3-ad0c-45f55ac6f9c1
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 0
Content-Type

GET
BLOB 200
OK 644944f9-c643-4a99-88b2-5d35da1f6a9d
https://www.midwestheritage.com/ Frame 2D0D 22 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.midwestheritage.com/644944f9-c643-4a99-88b2-5d35da1f6a9d
Requested by: Host: www.midwestheritage.com
URL: https://www.midwestheritage.com/investments/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdbda48bdc0153b50ab58bd701463558a613e614a3a0a822ea113180ed0a417c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 22873
Content-Type

GET
H2 200 85467047 Show response
va.v.liveperson.net/api/js/ 111 B
900 B 95ms
94ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/85467047?sid=JVBZGk-iTbuerTwj4sDLHQ&cb=lpCb72049x58267&t=pl&ts=1704417730442&pid=5636214505&tid=5286605445&vid=k4ZDg4YzYwOTYyMGQ3M2Rj

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

1a175bdebfceb68057a02f2f37d82942c94ba235e0b5443d4f75439c973341ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 85467047 Show response
va.v.liveperson.net/api/js/ 404 B
1 KB 97ms
97ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/85467047?sid=JVBZGk-iTbuerTwj4sDLHQ&cb=lpCb7911x40877&t=uc&ts=1704417730612&pid=5636214505&tid=5286605445&sdes=%5B%7B%22type%22%3A%22pagediv%22%2C%22divId%22%3A%22super-nav-chat-link%22%7D%5D&vid=k4ZDg4YzYwOTYyMGQ3M2Rj

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

904986f3293e352d0529eca4d894a6bf2ae14a5b0ff094f6d9125e7a7e776c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H3 200 overlay.js Show response
lpcdn.lpsnmedia.net/le_re/3.58.0.0-release_5206/jsv2/ 10 KB
3 KB 8ms
7ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.58.0.0-release_5206/jsv2/overlay.js?_v=3.58.0.0-release_5206
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 027dbe31bc494e14acab76a221273e52d1d8273f29a5a46055b36d74d6eb369b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:11:08 GMT
content-encoding: br
age: 2236263
x-guploader-uploadid: ABPtcPqITlq4BB_QB4Q1DqsM5ccB01Pl17Z3bWkKqHJCcD5epIXKh2i3SKJvEsMMV5nayIq0FvY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3153
last-modified: Fri, 03 Nov 2023 01:16:53 GMT
server: UploadServer
etag: W/"3de36f700a9fd7b27d7cf9968d108388"
vary: Accept-Encoding
x-goog-generation: 1698974213465391
x-goog-hash: crc32c=2/vLrg==, md5=PeNvcAqf17J9fPmWjRCDiA==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 9892
accept-ranges: none
content-type: application/javascript

GET
H3 200 UISuite.js Show response
lpcdn.lpsnmedia.net/le_re/3.58.0.0-release_5206/jsv2/ 30 KB
10 KB 9ms
8ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.58.0.0-release_5206/jsv2/UISuite.js?_v=3.58.0.0-release_5206
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7e3796f3b197762f594a263f17a78435fa9bcfbf8da3955e6e1c599972513ca9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 22:44:45 GMT
content-encoding: br
age: 95846
x-guploader-uploadid: ABPtcPrR6zGBOTaNgOnp0s38llEoabagrZObVcAugKTOxf6ibK6fZ5Xr19SfV0YvGkYXCSxq2_ql3p151HWvQ14
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10008
last-modified: Fri, 03 Nov 2023 01:16:53 GMT
server: UploadServer
etag: W/"5d7b4786c7eb250502bc8bc054d0515f"
vary: Accept-Encoding
x-goog-generation: 1698974213330205
x-goog-hash: crc32c=MXog6A==, md5=XXtHhsfrJQUCvIvAVNBRXw==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 30614
accept-ranges: none
content-type: application/javascript

GET
H2 200 212 Show response
accdn.lpsnmedia.net/api/account/85467047/configuration/le-campaigns/campaigns/4161029838/engagements/4161032438/revision/ 1 KB
2 KB 86ms
86ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/85467047/configuration/le-campaigns/campaigns/4161029838/engagements/4161032438/revision/212?v=3.0&cb=lp4161032438&flavor=dependency

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

d506d20332ddbf0f163939d1292824a622be3be1a29fd946f2b2f24c0a040b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:11 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 05 Jan 2024 01:23:11 GMT

GET
H2 200 3613883738 Show response
accdn.lpsnmedia.net/api/account/85467047/configuration/engagement-window/window-confs/ 4 KB
2 KB 82ms
82ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/85467047/configuration/engagement-window/window-confs/3613883738?cb=lpCb7206x99259

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

64ef3bc2773c4efda9786e9404f430f30264faaf1eb94fac745ea8eac4599eb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:11 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 05 Jan 2024 01:23:11 GMT

GET
H2 200 85467047 Show response
va.v.liveperson.net/api/js/ 42 B
838 B 96ms
95ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/85467047?sid=JVBZGk-iTbuerTwj4sDLHQ&cb=lpCb90736x79946&t=uc&ts=1704417731401&pid=5636214505&tid=5286605445&vid=k4ZDg4YzYwOTYyMGQ3M2Rj&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A4161029838%2C%22engId%22%3A4161032438%2C%22revision%22%3A212%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%221%22%7D%5D%7D%5D

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/85467047/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

fa559210e8d2c68c08aa3102426f66820e6a7b1744bf5c92bfd96a0b27ee7a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.midwestheritage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 01:22:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.midwestheritage.com/	1970-01-20 17:26:59	Name: __cf_bm Value: uG88DMd30r1TH8o0vv4NBTExQT1ebyNvdeuiPxPZH8o-1704417729-1-AfR7yJzke/2d2C+7ZO9Rq8vWM0ozklfUrEmbCvVpOzLPzv+hNg6IBfGtTJG81RYtaxJ/jVjJheliqzVZt7ll8AQ=
.midwestheritage.com/	1970-01-20 19:36:33	Name: _gcl_au Value: 1.1.1685872024.1704417730
.midwestheritage.com/	1970-01-20 17:28:24	Name: _gid Value: GA1.2.1476430277.1704417730
.midwestheritage.com/	1970-01-20 17:26:57	Name: _dc_gtm_UA-28493477-1 Value: 1
.doubleclick.net/	1970-01-20 17:26:58	Name: test_cookie Value: CheckForPermission
.midwestheritage.com/	1970-01-21 03:02:57	Name: _ga_HX2TBTCBEV Value: GS1.1.1704417730.1.0.1704417730.60.0.0
.midwestheritage.com/	1970-01-21 03:02:57	Name: _ga Value: GA1.1.1088400081.1704417730
.midwestheritage.com/	1970-01-21 03:02:57	Name: lo-uid Value: 0f144ee0-1704417730557-37196501a826c29b
.midwestheritage.com/	1970-01-21 03:02:57	Name: lo-visits Value: 1
.midwestheritage.com/	1970-01-21 02:12:33	Name: LPVID Value: k4ZDg4YzYwOTYyMGQ3M2Rj
.midwestheritage.com/	1969-12-31 23:59:59	Name: LPSID-85467047 Value: JVBZGk-iTbuerTwj4sDLHQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ka-p.fontawesome.com
kit.fontawesome.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
mhbankfs.com
region1.analytics.google.com
settings.luckyorange.com
stats.g.doubleclick.net
tools.luckyorange.com
va.v.liveperson.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.mhbank.com
www.midwestheritage.com
178.249.97.23
178.249.97.99
2001:4860:4802:32::36
208.89.12.87
2600:9000:211e:3600:18:6c16:27c0:93a1
2606:4700:3036::6815:21a4
2606:4700:3037::6815:13d5
2606:4700:4400::ac40:93bc
2606:4700::6810:5814
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2004
2a00:1450:4001:812::2003
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9a
34.107.203.234
34.120.154.120
34.204.149.82
0147f47c377f527213ad86617cd97003a1652f09a8297b40c71909a047773f3a
027dbe31bc494e14acab76a221273e52d1d8273f29a5a46055b36d74d6eb369b
0831143ed63ec069cad8368fa60db36bd3168438d3ce5f6572daea50d9f49a72
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
0e3f6d684bc0bfb692c53c3cb8ee62abfad2879fe3c0efd72de864d21e914187
146578e0a396722f0cb1f9593fde7f3238fce024a4554fb11cb1fee2ff670b67
1961c0240bc5c2c39cf6188f85c6d267573bd6e135dca9119aba57e59b893a7d
1a175bdebfceb68057a02f2f37d82942c94ba235e0b5443d4f75439c973341ac
1ada46c17fdb1252dd291cd7b513e5d05a42fa2641905c527d72731c0a93967b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28f148c3961f2e8ab6210dded332b64f0e62bb85f6ed61b316c6e53fa05fc6ef
2ab1e281688cea38d92cdb1a2c32380ae3235cf244ab92613b9ece9630bec959
2b3cf99ce39e5fc49169454f5639b5341dba747f16e3d01a5b9ebf50792e9a1c
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2ea92170c3ea4b830f643fa2e839e3ab0b2425dd241b58473050268f1d7fde8f
358358eb6a3f47f1a6a5b2623d583e3eb2364c8632fff70c20b1b8f5e3a2bb8c
3a01ad533896114653bb8e08e46793d86c9ad065bdba76118523a95070532f40
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
41d6af12d2ea5381ab219aac54ee8e4e5acf40e592d4563f37c596b70cbb851c
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c
4aae83ca0e34e5fef9bebf88ca4edfdf495e4927bbd583d1f05ff101c9421d4c
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
559850ae38b9f8b1aa37df210217d721f1d7ae219de91fb272d0fa3c5fc84003
58f2ed3e8753b14d9456de59f7a58f5089c81d1ce6691d80bbd4e58f145ffd2c
5ac7af655b0e4988a883c7ea1d77eceb1e5877d811e57fdfd2f673566ab19245
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
6352462047da04fef0c9e83236e414c6e39f4667a608f04285d7e54f0362bd10
64ef3bc2773c4efda9786e9404f430f30264faaf1eb94fac745ea8eac4599eb4
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
70356aaad8b043112594064fea69694e5af4f17b6af4d4836b184735afe24c56
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
7e3796f3b197762f594a263f17a78435fa9bcfbf8da3955e6e1c599972513ca9
7fa4466d1ac671a371e47dd65f4f7f2cfdd94865bfdb1eb3bb7128e8add8e653
842f1cd528ab5c5524c3823905278316eb5fdac0b18fcfa12a191c322acfda5d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8873b9a52a93cab7b9b8c6bd24b9535edc8cd0c0e4a9938c2192637c2b00bb87
8d68c42f02b2cbac6a9ffda93310d8227d1907edb665d8f1f165f4a6d9e1c5c0
8e2ddc45e7c1e7bd7bf60dfac89f113ce34c85e53e350a3e64ccfae1411f4e39
8ee0654259fda0bbfeab4305b895e740659613080d90352bd36c1452fd426ef6
904986f3293e352d0529eca4d894a6bf2ae14a5b0ff094f6d9125e7a7e776c5c
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
937c84900267b6b690579cf739922558dd457ab8de64ce9fec84656ab9e023b1
98e9abce2b5650bf68929508f55bccd373a91529a0b59b82fef59f53a6247857
9bc49e2d077ff3ee73f6c2ea5275a53bd78c3815f98f67ff06a1e48b43f28d9a
a1de56f381e531b3d1db5536db44e0815f1667a26a661101a8a51c62f2053a30
a3971cd06a4a896b34c7cb8a2615e2d567f4f89ca37a40bc5adf095ae266d69e
aca4dbd73acdbca407bee1704d3a11d396de341d74dbc08bb028b36b7626ea4d
b151e0b00168160cb1ab2d58d07a13b36fdb791298c803f150be651ba6dc9e6d
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bb3d017273ed487674d9766d8401cf458228596adcc0c3a6024f44ae715090db
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bdbda48bdc0153b50ab58bd701463558a613e614a3a0a822ea113180ed0a417c
c146d67ad0d9eb06da284723307d32fed122b88f93653dbd80288f557b9d6d79
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e
cc0318935e07f4775b088ce7c4017c8fd4b3bdf4ddf2626df5574dd76e119aeb
ce7a11cfa6a6b121131449f8e8b1757fdcc9b00e6a186152084a794f50a4a76c
d506d20332ddbf0f163939d1292824a622be3be1a29fd946f2b2f24c0a040b1f
d8d8603e5e751094f2a2bf74cf55e58f8d8499d2580a1c93d21990360f4d8aef
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec1941ce9e7878f195767288346eb2821e3af0e25652c0233411ff6acf2810ad
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2175d6ad4f8714e196b680e68a42b088009c164e45e5de861cb0c3fe3e41f49
f24a06411c8df5fe23242f307ed344660d896add1790cde721b5feaa7f90179b
fa559210e8d2c68c08aa3102426f66820e6a7b1744bf5c92bfd96a0b27ee7a39
fb6c867b010f89d017842dbc3653fadde05f956aa211fce8b4dd64109e2f31c8
ff9a2be960794ffc4738368eeec7262cd5bf70316287f8d2f0c3790170cf1277

www.midwestheritage.com Open in urlscan Pro 2606:4700:3036::6815:21a4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

96 %HTTPS

70 %IPv6

15 Domains

21 Subdomains

19 IPs

3 Countries

2194 kBTransfer

5673 kBSize

11 Cookies

15 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.midwestheritage.com Open in urlscan Pro
2606:4700:3036::6815:21a4 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

96 %
HTTPS

70 %
IPv6

15
Domains

21
Subdomains

19
IPs

3
Countries

2194 kB
Transfer

5673 kB
Size

11
Cookies

80 HTTP transactions
1 data transactions