halstedfinancial.com Open in urlscan Pro
172.67.164.71 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://halstedfinancial.com/disputes
Submission: On December 24 via manual (December 24th 2024, 3:32:27 pm UTC) from US — Scanned from DE

Summary HTTP 59 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 13 domains to perform 59 HTTP transactions. The main IP is 172.67.164.71, located in United States and belongs to CLOUDFLARENET, US. The main domain is halstedfinancial.com. The Cisco Umbrella rank of the primary domain is 809955.
TLS certificate: Issued by WE1 on November 8th 2024. Valid for: 3 months.

This is the only time halstedfinancial.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	172.67.164.71 172.67.164.71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	54.70.75.209 54.70.75.209	16509 (AMAZON-02) (AMAZON-02)
2	157.240.252.35 157.240.252.35	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
59	19

17 172.67.164.71 (United States)

ASN13335 (CLOUDFLARENET, US)

halstedfinancial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.70.75.209 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-70-75-209.us-west-2.compute.amazonaws.com

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f195.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)

cdn77.api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	userway.org cdn.userway.org — Cisco Umbrella Rank: 3208 api.userway.org — Cisco Umbrella Rank: 3180 cdn77.api.userway.org — Cisco Umbrella Rank: 7080	112 KB
17	halstedfinancial.com halstedfinancial.com — Cisco Umbrella Rank: 809955	256 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	385 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108	994 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	217 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	77 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	265 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 415 fonts.googleapis.com — Cisco Umbrella Rank: 29	32 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	11 KB
1	google.de www.google.de — Cisco Umbrella Rank: 10745	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135	557 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1255	15 KB
59	13

	Domain	Requested by
17	halstedfinancial.com	halstedfinancial.com
13	cdn.userway.org	halstedfinancial.com cdn.userway.org
5	www.googletagmanager.com	halstedfinancial.com www.googletagmanager.com
3	api.userway.org	cdn.userway.org
3	www.google.com	halstedfinancial.com www.googletagmanager.com www.gstatic.com
2	cdn77.api.userway.org	cdn.userway.org
2	www.facebook.com	halstedfinancial.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	halstedfinancial.com connect.facebook.net
2	cdnjs.cloudflare.com	halstedfinancial.com
1	www.google.de	halstedfinancial.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	www.google.com
1	fonts.googleapis.com	halstedfinancial.com
1	maxcdn.bootstrapcdn.com	halstedfinancial.com
1	ajax.googleapis.com	halstedfinancial.com
59	18

This site contains links to these domains. Also see Links.

Domain
pay.halstedfinancial.com
www.bbb.org
www.acainternational.org
www.nmlsconsumeraccess.org
rmaintl.org
www.linkedin.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
halstedfinancial.com WE1	`2024-11-08` - `2025-02-06`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
1667503734.rsc.cdn77.org E6	`2024-12-04` - `2025-03-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-10-02` - `2024-12-31`	3 months	crt.sh
api.userway.org Amazon RSA 2048 M02	`2024-08-02` - `2025-08-31`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google.de WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
1784939676.rsc.cdn77.org E5	`2024-10-18` - `2025-01-16`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://halstedfinancial.com/disputes
Frame ID: CBAD9BAE271E9A1ED35D7EE278BE65E8
Requests: 55 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fhalstedfinancial.com
Frame ID: 475B1D40180B01BC22AC3178284EB82D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld5t7AaAAAAAKBmYyOz3a1FKZ0nne56DaALLcQw&co=aHR0cHM6Ly9oYWxzdGVkZmluYW5jaWFsLmNvbTo0NDM.&hl=de&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=4pknbgtkgu4c
Frame ID: CEE60FB7342208AA349097805E4EB19C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.userway.org/styles/2024-12-23-09-27-55/widget_base.css?v=1734946075448
Frame ID: EB288CDE80113FE8C8C9A5E03D257E2D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.userway.org/styles/2024-12-23-09-27-55/widget_base.css?v=1734946075448
Frame ID: 916AD3376E37A06C66FF7C15D0ED8573
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Halsted Financial Services - Complaints

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

59
Requests

100 %
HTTPS

50 %
IPv6

13
Domains

18
Subdomains

19
IPs

4
Countries

1177 kB
Transfer

3205 kB
Size

9
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://pay.halstedfinancial.com/?r=mainsite-popup
Title: Login to my account

Search URL Search Domain Scan URL

URL: https://pay.halstedfinancial.com/?r=mainsite
Title: Login

Search URL Search Domain Scan URL

URL: https://www.bbb.org/us/il/skokie/profile/collections-agencies/halsted-financial-services-llc-0654-88375998
Title: BBB Acredited Business

Search URL Search Domain Scan URL

URL: https://www.acainternational.org/
Title: ACA International

Search URL Search Domain Scan URL

URL: https://www.nmlsconsumeraccess.org/
Title: NMLS Consumer Access

Search URL Search Domain Scan URL

URL: https://rmaintl.org/consumers/
Title: RMAi Certified

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/halsted-financial-services-llc-

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HalstedFinancial/

Search URL Search Domain Scan URL

URL: https://twitter.com/halstedllc

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request disputes Show response
halstedfinancial.com/ 21 KB
7 KB 658ms
398ms Document
text/html 172.67.164.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://halstedfinancial.com/disputes

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d60b316a4cb17b4ca8ef29145be3f6bfabb44547ad098135071d42bf979bc8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8f71a4bec8779143-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 24 Dec 2024 15:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0oY27095ztncWZ1nkBpLsu4TxQKI9pGPoNC%2BLKu39JNa5OqK%2BOUv7VnTycVlgRlahVKj7xy1SxSp3tjJkvdZ7uKc4kDaJiC1oWtGjHmvUxIA39Tb8LaQm1T2esGC0LmIgMqnM9159w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=8269&min_rtt=7208&rtt_var=2695&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4223&recv_bytes=4541&delivery_rate=770&cwnd=12000&unsent_bytes=0&cid=743b47364e08b5e1&ts=617&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 app.css
halstedfinancial.com/css/ 250 KB
37 KB 41ms
40ms Stylesheet
text/css 172.67.164.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://halstedfinancial.com/css/app.css?137

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/disputes

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43070a371321f566b339e15d13c54b1d7e2c1603d33aa2bc85f6e641210bf78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/disputes

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6669fd48-3e8e4"
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jFjK0MW4MclhEoERcC4XyMm3MGWfXFN4kcb%2FsRqQGjIAITssDEUhzzh0denBGP1hOeAA6gCf6H5uGT5%2B4KG1Kp9Vzbs1RIwMesTjfhJAkn3SZ%2BPze7gq9raXldfkZ0gkoVVNOiQjQg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15628&min_rtt=7208&rtt_var=10572&sent=22&recv=17&lost=0&retrans=0&sent_bytes=11607&recv_bytes=6542&delivery_rate=286651&cwnd=12000&unsent_bytes=0&cid=743b47364e08b5e1&ts=670&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 15:32:21 GMT
content-type: text/css
last-modified: Wed, 12 Jun 2024 19:55:52 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f71a4c16a9c9143-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
5 KB 70ms
30ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/disputes

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5f5628a2-11846"
age: 31907
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SZ%2BmuSpAg6Fr0cUM3I8lik2s9Ds%2FlxhGLgUlVnmoSgGgtw4lSSs4J9KroMR3MiZ0PcCcWMYP5FsKIus1f%2FCT3%2BpZEoKQL6tLQezXLHcLmJMJ7R3WDxXfEcbx3i%2B6Qh40ol8EpR0F"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 14 Dec 2025 15:32:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 24 Dec 2024 15:32:21 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f71a4c1ae4a3610-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4216
server: cloudflare

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 135ms
48ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/disputes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

content-encoding: gzip
age: 22594
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Wed, 24 Dec 2025 09:15:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 09:15:47 GMT
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31017
x-xss-protection: 0
server: sffe

GET
H3 200 Halsted_Financial_BIMI.svg
halstedfinancial.com/images/logo/ 11 KB
5 KB 63ms
62ms Image
image/svg+xml 172.67.164.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://halstedfinancial.com/images/logo/Halsted_Financial_BIMI.svg

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/disputes

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1a8ee93ad6953da65f742e18989953c4d526af929c477a40c5444582f8ca423

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/disputes

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6669fd48-2b41"
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pStm0goXvm3GxGFQB2HUuNct67%2F4S2OL1rZ6TG2VBhGrh7Q7PmiqeZxw1lM7jGnc27pQDF9oOY3IhXjXsfihRFhMBoNhDFX635AqC6vBzk7sGGOh2PtMadJv5joIE9k0IlBX53XlJw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15628&min_rtt=7208&rtt_var=10572&sent=32&recv=17&lost=0&retrans=0&sent_bytes=23607&recv_bytes=6542&delivery_rate=286651&cwnd=12000&unsent_bytes=0&cid=743b47364e08b5e1&ts=673&x=1", cfExtPri, cfHdrFlush;dur=27
date: Tue, 24 Dec 2024 15:32:21 GMT
content-type: image/svg+xml
last-modified: Wed, 12 Jun 2024 19:55:52 GMT
vary: Accept-Encoding
priority: u=2,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f71a4c16aa19143-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
994 B 120ms
53ms Script
text/javascript 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Ld5t7AaAAAAAKBmYyOz3a1FKZ0nne56DaALLcQw

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/disputes

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

ESF /

Resource Hash

7a1010d9ac2bb6df3745d2b4d37009c6f402d0d254c94f0c25ed35ff7a54f902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Tue, 24 Dec 2024 15:32:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Tue, 24 Dec 2024 15:32:21 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 halsted-letter-reference-number.png
halstedfinancial.com/images/ 26 KB
27 KB 506ms
505ms Image
image/png 172.67.164.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://halstedfinancial.com/images/halsted-letter-reference-number.png

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/disputes

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9c8c33b33ef257e403bfe3db214ea593b17bd28b414f589e75d34b3deb60fb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/disputes

Response headers

cf-cache-status: MISS
etag: "665df4d4-6935"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BPphz9Pg%2B7Os5XLHyJ%2FubigwIjiyxQdkD1KZfB%2F3FhMUN7poVkXv1G%2BE3%2Fsqwl5Qo2xsK57SXbWH61d3BfrEfrJlJHumyifnXvpQqPBTPRbE7mafKLu0HYDyogjWj%2Ftx10BYAZDqDg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13068&min_rtt=7208&rtt_var=4149&sent=102&recv=51&lost=0&retrans=0&sent_bytes=93129&recv_bytes=19541&delivery_rate=183594&cwnd=32400&unsent_bytes=0&cid=743b47364e08b5e1&ts=1170&x=1", cfExtPri, cfHdrFlush;dur=1
date: Tue, 24 Dec 2024 15:32:21 GMT
content-type: image/png
last-modified: Mon, 03 Jun 2024 16:52:36 GMT
vary: Accept-Encoding
priority: u=2,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f71a4c1cae69143-FRA
accept-ranges: bytes
content-length: 26933
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 halsted-email-reference-number.png
halstedfinancial.com/images/ 71 KB
72 KB 579ms
578ms Image
image/png 172.67.164.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://halstedfinancial.com/images/halsted-email-reference-number.png

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/disputes

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

483678f5b63e16230b6a3e0678f2a4af7cf597857a7def4cb912a11103eea501

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/disputes

Response headers

cf-cache-status: MISS
etag: "665df4d4-11bf7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5xzPOwzLpRDpvOOybyfMAs1KmXK0kLfG4%2FqJGv80Cvc3hR5yLwR2FdG5c1axPZ6v%2FAoGaJyMY7DwlA1xIT0GglKrXus8rst%2BO5c02f6eIC%2FEsws6yu2tSYfg1KLMlcQ3qpMYy4UXAw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26884&min_rtt=7208&rtt_var=6077&sent=185&recv=79&lost=0&retrans=0&sent_bytes=191411&recv_bytes=20783&delivery_rate=1945818&cwnd=80100&unsent_bytes=0&cid=743b47364e08b5e1&ts=1314&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 15:32:21 GMT
content-type: image/png
last-modified: Mon, 03 Jun 2024 16:52:36 GMT
vary: Accept-Encoding
priority: u=2,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f71a4c22b1d9143-FRA
accept-ranges: bytes
content-length: 72695
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 email-decode.min.js Show response
halstedfinancial.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 51ms
46ms Script
application/javascript 172.67.164.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://halstedfinancial.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/disputes

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/disputes

Response headers

strict-transport-security: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"675fc4cd-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IaafxDr8RDFMCxB7HdQ6nNWzvXY8zNzaTc8wgZNkDqN552HOwkgNryTUjA00BlEVrhBRSi6SylKL6AKk3JorPco8MHr1AHaQKkCvHxro7DALXoMWcym43Zup%2B0%2FFybh5LYPWqGjg6g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8f71a4c44c799143-FRA
expires: Thu, 26 Dec 2024 15:32:21 GMT
date: Tue, 24 Dec 2024 15:32:21 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 06:12:29 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 216ms
80ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-161726328-2

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/disputes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8372c31cdf8b12c0d24f2982a3a3457111a471f84226027d3c2f0869a11ed39a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 24 Dec 2024 15:32:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 15:32:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 24 Dec 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81540
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 51ms
47ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/disputes

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://halstedfinancial.com
Referer: https://halstedfinancial.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03fa9-4af4"
age: 419880
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eTFWqI6unp739BMV7TefBFWRyQsROCWqmu8SKzrH%2FQEUFGjDUulO3eXm6LeJJfIVmfEy7449IRGQEmu%2B393YHygjzau%2Bww%2F7pYi%2Fv7kmyWxv8eZoSJMXKaLxfxb%2BoC6wYAxNtNtu"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 14 Dec 2025 15:32:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 24 Dec 2024 15:32:21 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:15:37 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f71a4c44c4d71c1-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6157
server: cloudflare

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
15 KB 151ms
44ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/disputes

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://halstedfinancial.com
Referer: https://halstedfinancial.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
age: 7235134
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 24 Dec 2024 15:32:21 GMT
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 03/18/2024 12:46:36
cdn-requestpullcode: 200
priority: u=2,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 7304b03fa278cec42db0046f33ade7e2
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8f71a4c4fb2b381a-FRA
access-control-allow-origin: *
cdn-edgestorageid: 1048
server: cloudflare
cdn-requestcountrycode: US

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 202ms
62ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: halstedfinancial.com
URL: https://halstedfinancial.com/disputes
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b7da61c7eccb6e79649240ea72cb0b3603c21ad62c0e8965949a74f49415fcdd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"56847ee4cf22e09e841c95d7597c67fd"
age: 742
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: VIqhv3z4vbajyuet-0LR0_J1N2jilgrYmbg-boVoKJswDBBi2x0ulw==
date: Tue, 24 Dec 2024 15:32:21 GMT
content-type: application/javascript
last-modified: Mon, 23 Dec 2024 09:31:43 GMT
x-77-nzt-ray: 4c15622462ee7ae305d46a6764e5d438
vary: Accept-Encoding
x-77-nzt: EgwBw7WqEQH3vAoAAAwBJRPCNAG3IQAAAA
cache-control: max-age=3600, public
via: 1.1 0c32b42e3b5070fcbe6b5b320d0621b2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 2748
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 380ms
30ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600&display=swap

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/css/app.css?137

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6993e457cd1497ccb9cb730bff61be77d038aaa64f15e631b189172b2ff487e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 24 Dec 2024 15:32:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 15:32:21 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 24 Dec 2024 15:29:42 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 257 KB
92 KB 253ms
117ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-55DR73X

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/disputes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83afd33554955714c32c1908270b7c14c7557da2968cd77e3e9cfb230a43a16f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 24 Dec 2024 15:32:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 15:32:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 24 Dec 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93694
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/ 549 KB
218 KB 196ms
59ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ld5t7AaAAAAAKBmYyOz3a1FKZ0nne56DaALLcQw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8694091227f6f34a6acb8dda867cab6f129cb19ee794a75ebd434793d4066e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://halstedfinancial.com
Referer: https://halstedfinancial.com/

Response headers

content-encoding: gzip
age: 27978
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Wed, 24 Dec 2025 07:46:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 07:46:03 GMT
last-modified: Tue, 10 Dec 2024 23:05:10 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222469
x-xss-protection: 0
server: sffe

GET
H3 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 47 KB
47 KB 112ms
32ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://halstedfinancial.com
Referer: https://fonts.googleapis.com/

Response headers

age: 448663
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 19 Dec 2025 10:54:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 10:54:38 GMT
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48444
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 phone-v2.svg
halstedfinancial.com/images/icons/ 3 KB
2 KB 394ms
380ms Image
image/svg+xml 172.67.164.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://halstedfinancial.com/images/icons/phone-v2.svg

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/css/app.css?137

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1530261c40f61bf69efd3d699c8b9be12090deea5b64a97168ef5e6877e494b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/css/app.css?137

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"60d0aab0-c7e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c52m%2BM3MdIv%2BGX9CnGcZabbVgnIeixCTaX%2Bhl7yMlAQr7%2B7DXm8KU85n9SQDzAbK1EHL0aNXoDvUY28Ef8UMN9vry3pwKCIvZsTE0uiD7cuVQo3CeIoiw4vp9jw3tkE7Kqq5miHrTA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36235&min_rtt=7208&rtt_var=8944&sent=317&recv=105&lost=63&retrans=63&sent_bytes=342566&recv_bytes=22111&delivery_rate=894547&cwnd=39249&unsent_bytes=0&cid=743b47364e08b5e1&ts=1506&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 15:32:22 GMT
content-type: image/svg+xml
last-modified: Mon, 21 Jun 2021 15:05:20 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f71a4c46c8d9143-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 clock-v2.svg
halstedfinancial.com/images/icons/ 422 B
952 B 390ms
376ms Image
image/svg+xml 172.67.164.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://halstedfinancial.com/images/icons/clock-v2.svg

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/css/app.css?137

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7dd5b56ba24aa2481878ef6155bcff9b4078efc8fdf1ee5b228d85f3d6b8685

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/css/app.css?137

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"60d0aab0-1a6"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ykoc8zJLcYnEZ%2FkctGI9LOAPgafB14iSdPBSpHumpK6eujJOymfKsJdyZ2NlrE4PXnukzIeXi%2Bw21ofpW8SM00YO11W0OG0MJQ6Pa3uCSDzDbS0bzuCz4oUL7S0rvtyN8sNwcclTnw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36235&min_rtt=7208&rtt_var=8944&sent=316&recv=105&lost=63&retrans=63&sent_bytes=341591&recv_bytes=22111&delivery_rate=894547&cwnd=39249&unsent_bytes=0&cid=743b47364e08b5e1&ts=1503&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 15:32:22 GMT
content-type: image/svg+xml
last-modified: Mon, 21 Jun 2021 15:05:20 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f71a4c46c8e9143-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 bbb.png
halstedfinancial.com/images/logo/ 2 KB
2 KB 53ms
39ms Image
image/png 172.67.164.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://halstedfinancial.com/images/logo/bbb.png

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/css/app.css?137

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d1fe233a869ca157fae79e88527a2b21b1c5060c9101e6a7c4493fc2b3b852f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/css/app.css?137

Response headers

cf-cache-status: HIT
etag: "5ff4a965-687"
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2gpKL%2B1RcbRO46QQNcTrTWfK%2FnK9UwJMoSwqKLoChude8c4G7t8RzmwfncvKAKNEpE2oJo6cG3GXJdCEeeXQJwvrAnM5uYqimlX3jTSgvJRI57JPWQnW5KLWz%2B6EIplY%2BR3jmbb8cA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14194&min_rtt=7208&rtt_var=3922&sent=77&recv=49&lost=0&retrans=0&sent_bytes=68593&recv_bytes=19455&delivery_rate=2770&cwnd=28800&unsent_bytes=0&cid=743b47364e08b5e1&ts=1161&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 15:32:21 GMT
content-type: image/png
last-modified: Tue, 05 Jan 2021 18:01:09 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f71a4c47c929143-FRA
accept-ranges: bytes
content-length: 1671
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 aca.svg
halstedfinancial.com/images/logo/ 22 KB
8 KB 51ms
37ms Image
image/svg+xml 172.67.164.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://halstedfinancial.com/images/logo/aca.svg

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/css/app.css?137

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

920871fb65adf90b2c3998a8496c900f7ffb7a722af75ce51d1135bf4b021adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/css/app.css?137

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"5e8f9206-5777"
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EVn0R3mb3HTTiCD1EItBFb%2BucpAlWw%2Fm2ljC0mYES3GVitoo3gnjMPJmWnJmdBtUWgyMJZ6Zbsw3o5j%2FFA%2F%2FbmY4hzPvtzAV3l2BFJnd3uqa99zQS5paVhM1dN7kqCG43dZIjx94AA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14194&min_rtt=7208&rtt_var=3922&sent=70&recv=49&lost=0&retrans=0&sent_bytes=60729&recv_bytes=19455&delivery_rate=2770&cwnd=28800&unsent_bytes=0&cid=743b47364e08b5e1&ts=1160&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 15:32:21 GMT
content-type: image/svg+xml
last-modified: Thu, 09 Apr 2020 21:22:14 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f71a4c47c939143-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 nmls.png
halstedfinancial.com/images/logo/ 3 KB
4 KB 54ms
40ms Image
image/png 172.67.164.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://halstedfinancial.com/images/logo/nmls.png

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/css/app.css?137

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5241c528ac2f660f2476ae0b461500755c8b2d6fd968cf35c3df27796d5df220

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/css/app.css?137

Response headers

cf-cache-status: HIT
etag: "5ff4a965-c89"
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bmEKjh6EloFSQL5BtefXuItozTa8rN9QFIgevPlGM7EQpxaKJgZapRjVbXLbwUml8PxTmpEU7mPY%2BJZx9fZYNXnL21YHdVQ6cyjGD0Qk3MPGMN87rLPu6VPpLwpStisB7yf7sbKfXg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14194&min_rtt=7208&rtt_var=3922&sent=66&recv=49&lost=0&retrans=0&sent_bytes=56719&recv_bytes=19455&delivery_rate=2770&cwnd=28800&unsent_bytes=0&cid=743b47364e08b5e1&ts=1160&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 15:32:21 GMT
content-type: image/png
last-modified: Tue, 05 Jan 2021 18:01:09 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f71a4c47c959143-FRA
accept-ranges: bytes
content-length: 3209
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 rmai.png
halstedfinancial.com/images/logo/ 81 KB
82 KB 53ms
42ms Image
image/png 172.67.164.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://halstedfinancial.com/images/logo/rmai.png

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/css/app.css?137

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2a54ddcb9f6bf8fa90b9e10e368a72c87401ea64a198c3b7fb769a9e1b36993

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/css/app.css?137

Response headers

cf-cache-status: HIT
etag: "5ff4a965-14325"
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ug5kN%2FhvTeTD6kPK3vMKi6nTt7W8s9fioIrlp%2Fj1K47FBC99ao7NntoPiwEUEMKflFI0hsSViC%2BrmIrS9RKb5qOSc11YcG5%2BTSsZB5EVemzrp9tsTKK%2BZjJW5n2%2Fv3%2BILYuWmdFcrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14194&min_rtt=7208&rtt_var=3922&sent=87&recv=49&lost=0&retrans=0&sent_bytes=76718&recv_bytes=19455&delivery_rate=2770&cwnd=28800&unsent_bytes=0&cid=743b47364e08b5e1&ts=1163&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 15:32:21 GMT
content-type: image/png
last-modified: Tue, 05 Jan 2021 18:01:09 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f71a4c47c969143-FRA
accept-ranges: bytes
content-length: 82725
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Halsted_Financial_Logo.svg
halstedfinancial.com/images/logo/ 6 KB
3 KB 51ms
39ms Image
image/svg+xml 172.67.164.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://halstedfinancial.com/images/logo/Halsted_Financial_Logo.svg

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/css/app.css?137

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0821896b176c388bc6679a024069429a6baee7db02c7cf07c5ce529a11ab4f99

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/css/app.css?137

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"5e6fc6a7-1817"
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jtjpnX1%2FbLgYI3cIUAOh0KPc%2BUhMHbXxtXtqLL2G0yzEToLI7oZXMTC4%2B2ajzcKjK6jOcKZzpEfqKq8q3T%2B5kvz4gAhA%2BINgk0ZSNcLA9FFMG6%2FNaHhtP6bxGkl5oJDKLwmIcP09xA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14194&min_rtt=7208&rtt_var=3922&sent=80&recv=49&lost=0&retrans=0&sent_bytes=71044&recv_bytes=19455&delivery_rate=2770&cwnd=28800&unsent_bytes=0&cid=743b47364e08b5e1&ts=1161&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 15:32:21 GMT
content-type: image/svg+xml
last-modified: Mon, 16 Mar 2020 18:34:15 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f71a4c47c989143-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 linkedin-v2.svg
halstedfinancial.com/images/icons/ 984 B
1 KB 53ms
41ms Image
image/svg+xml 172.67.164.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://halstedfinancial.com/images/icons/linkedin-v2.svg

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/css/app.css?137

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d82fd151d698eed168944555139433e987af3cbd612b02f2338daf5f02a6ac50

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/css/app.css?137

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"60d0aab0-3d8"
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0uV0D91xP6gK1SgtsXhbhEopVWoQ%2FKHxxihmIJvPpDDLaEXZUZOXMYn55nEURGcH4GpmZnTsY49ELxXccCHghCzyLaHuJEPpTHUp3%2BYDWAQ%2FBmA05im0n8rNB%2FOAMkGk3NiEnsdDPw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14194&min_rtt=7208&rtt_var=3922&sent=85&recv=49&lost=0&retrans=0&sent_bytes=75441&recv_bytes=19455&delivery_rate=2770&cwnd=28800&unsent_bytes=0&cid=743b47364e08b5e1&ts=1162&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 15:32:21 GMT
content-type: image/svg+xml
last-modified: Mon, 21 Jun 2021 15:05:20 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f71a4c47c999143-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 facebook-v2.svg
halstedfinancial.com/images/icons/ 598 B
1 KB 93ms
82ms Image
image/svg+xml 172.67.164.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://halstedfinancial.com/images/icons/facebook-v2.svg

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/css/app.css?137

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936489a272c99ed4fdf4216c903046460ab339fa166ae252af1c3e4159b13505

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/css/app.css?137

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"60d0aab0-256"
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BIkyeE9HUX0iLaTVC4w78IAvtYPu7fL%2BXCKzM1TT8GHpPQ5LoB1%2Bl7hfvDlkSMKTqNoIRJmMM3EghWtoBCnN8nmIcT%2F3IxaHVVIry7532kDmvtvNTP%2FqooxUR0pSUITsPvL97n%2BwnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14194&min_rtt=7208&rtt_var=3922&sent=95&recv=49&lost=0&retrans=0&sent_bytes=85519&recv_bytes=19455&delivery_rate=2770&cwnd=28800&unsent_bytes=0&cid=743b47364e08b5e1&ts=1167&x=1", cfExtPri, cfHdrFlush;dur=2
date: Tue, 24 Dec 2024 15:32:21 GMT
content-type: image/svg+xml
last-modified: Mon, 21 Jun 2021 15:05:20 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f71a4c47c9a9143-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 twitter-v2.svg
halstedfinancial.com/images/icons/ 1 KB
1 KB 52ms
41ms Image
image/svg+xml 172.67.164.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://halstedfinancial.com/images/icons/twitter-v2.svg

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/css/app.css?137

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

639ed2c774e21ee7a8c304a00f1fc986e8dd63bf88ae89f8b4d37b413275b888

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/css/app.css?137

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"60d0aab0-53f"
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uglJzYOCpwiYEepRtX%2B6tNC%2BTR%2B8Ll3NsxPG48QW1FcDdpiS2Q9MzPXtHrc%2B%2Fu0Ws4qvXQSmFkUHxiHUsjK7iRoK7uy0ukdG%2B5F9lbvZud%2FJxXZ3l4tm4hrPWwCrp1Uu2gyOgd09xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14194&min_rtt=7208&rtt_var=3922&sent=83&recv=49&lost=0&retrans=0&sent_bytes=73980&recv_bytes=19455&delivery_rate=2770&cwnd=28800&unsent_bytes=0&cid=743b47364e08b5e1&ts=1161&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 15:32:21 GMT
content-type: image/svg+xml
last-modified: Mon, 21 Jun 2021 15:05:20 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f71a4c47c9b9143-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 107ms
51ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/disputes

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-QGeIK6WA' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 24 Dec 2024 15:32:21 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-QGeIK6WA' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=23, mss=1232, tbw=4527, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: skqXcnukGNX6IFkSy0go0CjwLcDgR5VLSX+1xfjRPh/mO6/V+nOxFogRUsmRO0OHCjJthK5mptp7hOCC2O+Z1w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62282
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 widget_app_base_1734946075448.js Show response
cdn.userway.org/widgetapp/2024-12-23-09-27-55/ 130 KB
41 KB 137ms
67ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-12-23-09-27-55/widget_app_base_1734946075448.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: cd09ff8d5635ca4fe9d78673cb2c76cf07842f1c7f55f2860a71d7ad92135183

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://halstedfinancial.com
Referer: https://halstedfinancial.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"4ed609035ade0ac16e63c4b5e9a30bb7"
age: 202
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: XsPfXG23MqddxAD2rUe3mrywzYG2fVM1pszsndg4d_J8kqYiio1pCg==
date: Tue, 24 Dec 2024 15:32:22 GMT
content-type: application/javascript
last-modified: Mon, 23 Dec 2024 09:31:30 GMT
vary: Accept-Encoding
x-77-nzt-ray: 4c156224b1f6c0ea06d46a673ca15506
x-77-nzt: EgwBw7WqEQH3iKIBAAwBnJIhHwG3OQIAAA
cache-control: max-age=25920000, public
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 107144
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H3 200 860705524733456 Show response
connect.facebook.net/signals/config/ 77 KB
16 KB 233ms
233ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/860705524733456?v=2.9.179&r=stable&domain=halstedfinancial.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

ef73eb8a2f8a8d1a6427f1d6ebe5d02d86954960d1d8ed25c07741916bd642bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-2ig8zmuA' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 24 Dec 2024 15:32:22 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-2ig8zmuA' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=23, c=45, mss=1232, tbw=98975, tp=88, tpl=23, uplat=173, ullat=0
pragma: public
x-fb-debug: DDB53BiLJK2JPnKRa62kFDJJCKPBqHb8wtBA5A90xrcxwPpVJCJ0c0CYac5x6za0fytaHpl9+OVuZqyaHQt/fw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 363 KB
121 KB 145ms
144ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0CHJ1VDCR4&l=dataLayer&cx=c&gtm=457e4cc1za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-161726328-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af137c8761deaa9996e93d9fc56e7aee3c4271d7f575c9cfd9f1e65f998c6e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 24 Dec 2024 15:32:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 15:32:22 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 123992
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 425ms
293ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-161726328-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

content-encoding: gzip
age: 3057
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Tue, 24 Dec 2024 16:41:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 14:41:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

POST
H3 200 collect
www.google.com/ccm/ 0
0 58ms
58ms Ping
text/plain 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fhalstedfinancial.com%2Fdisputes&scrsrc=www.googletagmanager.com&frm=0&rnd=534700062.1735054342&dt=Halsted%20Financial%20Services%20-%20Complaints&auid=697912491.1735054342&navt=n&npa=1&gtm=45He4cc1za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1735054342196&tfd=1533&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55DR73X
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 255 KB
91 KB 140ms
140ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-480696370&l=dataLayer&cx=c&gtm=45He4cc1za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55DR73X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

229980920becffda3490bef9f384f3334f3476e123ac672180c4295630b39e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 24 Dec 2024 15:32:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 15:32:22 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 24 Dec 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93328
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 2yc8PysWnq Show response
api.userway.org/api/v1/tunings/ 2 KB
2 KB 1017ms
196ms XHR
application/json 54.70.75.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/v1/tunings/2yc8PysWnq
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-12-23-09-27-55/widget_app_base_1734946075448.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.70.75.209 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-70-75-209.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 7ca0fc3ee3909df6c72842efe041431a08fc22004d9db2edfb935354a4ec9899

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://halstedfinancial.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
x-service-request-id: usr9f6785077c3c4b5
etag: W/"6c2-Aosg0D57sEBGna8uKfdFqAHJYao"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 1730
date: Tue, 24 Dec 2024 15:32:23 GMT
content-type: application/json; charset=utf-8
x-service-version: uw-pr
access-control-allow-headers: *

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 475B 0
0 1139ms
450ms Document
text/html 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fhalstedfinancial.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55DR73X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Dec 2024 15:32:23 GMT
expires: Wed, 24 Dec 2025 15:32:23 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame CEE6 0
0 210ms
69ms Document
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld5t7AaAAAAAKBmYyOz3a1FKZ0nne56DaALLcQw&co=aHR0cHM6Ly9oYWxzdGVkZmluYW5jaWFsLmNvbTo0NDM.&hl=de&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=4pknbgtkgu4c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-azQxNecZ7Nd9m09vQhZA3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://halstedfinancial.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-azQxNecZ7Nd9m09vQhZA3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Dec 2024 15:32:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 473ms
427ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=860705524733456&ev=PageView&dl=https%3A%2F%2Fhalstedfinancial.com&rl=&if=false&ts=1735054342423&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12316&fbp=fb.1.1735054342422.83853544466903966&pm=1&hrl=81c567&ler=empty&cdl=API_unavailable&it=1735054342119&coo=false&cs_cc=1&cas=3545924082196638%2C3106429079460219%2C3604467329660108%2C5203806719659668%2C3816322195101045%2C3123679227732988%2C3580594358656471%2C3359186820859180&rqm=GET

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/disputes

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=23, mss=1232, tbw=4574, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 24 Dec 2024 15:32:22 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
198 B 472ms
426ms Image
image/png 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=860705524733456&ev=PageView&dl=https%3A%2F%2Fhalstedfinancial.com&rl=&if=false&ts=1735054342423&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12316&fbp=fb.1.1735054342422.83853544466903966&pm=1&hrl=81c567&ler=empty&cdl=API_unavailable&it=1735054342119&coo=false&cs_cc=1&cas=3545924082196638%2C3106429079460219%2C3604467329660108%2C5203806719659668%2C3816322195101045%2C3123679227732988%2C3580594358656471%2C3359186820859180&rqm=FGET

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/disputes

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7452001657403624696"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 24 Dec 2024 15:32:22 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7452001657403624696", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: dTPSi1Xe1xoVnHdZWhag1YpxBKpv33Ixy7frYFruTtmGXKInx87tjulzucmJziwRFPFwXjGOgR6lqhULZcYpZw==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=70, rtx=0, c=23, mss=1232, tbw=5567, tp=17, tpl=0, uplat=238, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 798ms
46ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-0CHJ1VDCR4&gtm=45je4cc1v9135206221za200&_p=1735054341792&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1903970467.1735054343&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1735054342&sct=1&seg=0&dl=https%3A%2F%2Fhalstedfinancial.com%2Fdisputes&dt=Halsted%20Financial%20Services%20-%20Complaints&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1863
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0CHJ1VDCR4&l=dataLayer&cx=c&gtm=457e4cc1za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://halstedfinancial.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 15:32:23 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
557 B 523ms
54ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0CHJ1VDCR4&cid=1903970467.1735054343&gtm=45je4cc1v9135206221za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0CHJ1VDCR4&l=dataLayer&cx=c&gtm=457e4cc1za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://halstedfinancial.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 15:32:23 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 703ms
52ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0CHJ1VDCR4&cid=1903970467.1735054343&gtm=45je4cc1v9135206221za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=846578981

Requested by

Host: halstedfinancial.com
URL: https://halstedfinancial.com/disputes

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 24 Dec 2024 15:32:23 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
422 B 192ms
191ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1770449893&t=pageview&_s=1&dl=https%3A%2F%2Fhalstedfinancial.com%2Fdisputes&ul=de-de&de=UTF-8&dt=Halsted%20Financial%20Services%20-%20Complaints&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=271952546&gjid=267685100&cid=1903970467.1735054343&tid=UA-161726328-2&_gid=662852207.1735054343&_r=1&gtm=457e4cc1za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&jsscut=1&npa=1&z=1979495714

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://halstedfinancial.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 15:32:23 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://halstedfinancial.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-12-23-09-27-55/locales/ 607 B
943 B 17ms
17ms XHR
application/json 2a02:6ea0:c700::19
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-12-23-09-27-55/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-12-23-09-27-55/widget_app_base_1734946075448.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"971644f50e2020e1ff22e37edcad46f6"
age: 203
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: DDEfyeWAO8gN2GGz0l9S3_XqT6LNX7BQWRMmT5KMUlkbfnFM0s31cQ==
date: Tue, 24 Dec 2024 15:32:23 GMT
content-type: application/json
last-modified: Mon, 23 Dec 2024 09:31:29 GMT
x-77-nzt-ray: 4c156224b1f6c0ea07d46a6731007d0e
vary: Accept-Encoding
x-77-nzt: EgwBw7WqEQH3faIBAAwBw7WvBgG3QgIAAA
cache-control: max-age=25920000, public
via: 1.1 004e894746bfb0d8f9e19ef0400dda24.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 107133
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H3 200 halsted_favicon_@2x.png
halstedfinancial.com/ 2 KB
3 KB 35ms
34ms Other
image/png 172.67.164.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://halstedfinancial.com/halsted_favicon_@2x.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.71 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

828a7f6543f928e070a3450c256881b1e812061862d4919b14d490c700f2585d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/disputes

Response headers

cf-cache-status: HIT
etag: "602163db-81d"
age: 2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1t8Dt7JxW6VdkS4uJhh2VeqD4c1e5CKROwnG5SyiRMA%2Fmxzm%2FHvdySt%2BcxTcb7dSkMmpHymwZFrToltsiSy9jQuMITL63xRUFnBPBXLwIvISSHO1IrLehVyW9nkTWloyLoU5d%2FsY%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35206&min_rtt=7208&rtt_var=6594&sent=320&recv=108&lost=63&retrans=63&sent_bytes=344856&recv_bytes=23305&delivery_rate=32964&cwnd=39249&unsent_bytes=0&cid=743b47364e08b5e1&ts=2803&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 15:32:23 GMT
content-type: image/png
last-modified: Mon, 08 Feb 2021 16:16:27 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f71a4cebcc09143-FRA
accept-ranges: bytes
content-length: 2077
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 remediation_1734946075448.js Show response
cdn.userway.org/widgetapp/2024-12-23-09-27-55/remediation/ 78 KB
23 KB 38ms
38ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-12-23-09-27-55/remediation/remediation_1734946075448.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-12-23-09-27-55/widget_app_base_1734946075448.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8b1f2f2083d9ec3c524ceb4e5fa914c389041839b60b3f34e12520ab4f08fa84

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://halstedfinancial.com
Referer: https://halstedfinancial.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"bcfd368d30bf6d391a64fb0f325f4247"
age: 194
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: -DOM3s8BeSHOyaw7uD9KlVBQa85Hv4V6x13Yaq2k5MTIS4atNcmwbg==
date: Tue, 24 Dec 2024 15:32:23 GMT
content-type: application/javascript
last-modified: Mon, 23 Dec 2024 09:31:30 GMT
vary: Accept-Encoding
x-77-nzt-ray: 4c156224b1f6c0ea07d46a6795557c2c
x-77-nzt: EgwBw7WqEQH3h6IBAAwBnJIhJwG3OAIAAA
cache-control: max-age=25920000, public
via: 1.1 92db4c522f37fa3dd780f6fa204d8256.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 107143
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 IsXUFXy8HAq0wEWS.json Show response
cdn.userway.org/remediations/consolidated/3607956/ 216 B
817 B 44ms
44ms XHR
application/json 2a02:6ea0:c700::19
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/3607956/IsXUFXy8HAq0wEWS.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-12-23-09-27-55/widget_app_base_1734946075448.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a9aacd0b59616bdd7fa10b89a523bb4f0b3ff95c2f791586d32ace99fb21b6eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"07bb860af6d25607e38fae36d713dc5d"
age: 1981
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: 1H0KzoNwf8fUo0mJPdd2sVwkcx8Z0AW9ccO_KtplgBZse9lq_N4R9A==
date: Tue, 24 Dec 2024 15:32:23 GMT
content-type: application/json
last-modified: Fri, 19 Jul 2024 14:39:22 GMT
x-77-nzt-ray: 4c156224b1f6c0ea07d46a675b31782c
vary: Accept-Encoding
x-77-nzt: EggBw7WqEQFBDAHDta8CAZffaAEA
cache-control: public, max-age=31536000
via: 1.1 59d552fe007f8133d3f016164f2c79aa.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 92383
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-12-23-09-27-55/ 30 KB
5 KB 30ms
29ms Stylesheet
text/css 2a02:6ea0:c700::19
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-12-23-09-27-55/widget_base.css?v=1734946075448
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-12-23-09-27-55/widget_app_base_1734946075448.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 56208090c97544d70a23343e2f379c1cf31521ad2f92f5f4f7acf317fba2213a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"60cbf0842fcb5517984822ba032d86fe"
age: 739
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: cZgHOdF1yY1whcpLBb3zFAqUEHWiXdXLJRuXftBZQX7BgPyfLnGKTw==
date: Tue, 24 Dec 2024 15:32:23 GMT
content-type: text/css
last-modified: Mon, 23 Dec 2024 09:30:51 GMT
vary: Accept-Encoding
x-77-nzt-ray: 4c15622462ee7ae307d46a67d88e762c
x-77-nzt: EgwBw7WqEQH3h6IBAAwBJRPCLgG3IQAAAA
cache-control: max-age=864000, public
via: 1.1 adffa554e502bb59dc89f14ddc6170ce.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 107143
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-12-23-09-27-55/ Frame EB28 30 KB
0 30ms
30ms Stylesheet
text/css 2a02:6ea0:c700::19
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-12-23-09-27-55/widget_base.css?v=1734946075448
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-12-23-09-27-55/widget_app_base_1734946075448.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 56208090c97544d70a23343e2f379c1cf31521ad2f92f5f4f7acf317fba2213a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"60cbf0842fcb5517984822ba032d86fe"
age: 739
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: cZgHOdF1yY1whcpLBb3zFAqUEHWiXdXLJRuXftBZQX7BgPyfLnGKTw==
date: Tue, 24 Dec 2024 15:32:23 GMT
content-type: text/css
last-modified: Mon, 23 Dec 2024 09:30:51 GMT
vary: Accept-Encoding
x-77-nzt-ray: 4c15622462ee7ae307d46a67d88e762c
x-77-nzt: EgwBw7WqEQH3h6IBAAwBJRPCLgG3IQAAAA
cache-control: max-age=864000, public
via: 1.1 adffa554e502bb59dc89f14ddc6170ce.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 107143
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-12-23-09-27-55/ Frame 916A 30 KB
0 30ms
30ms Stylesheet
text/css 2a02:6ea0:c700::19
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-12-23-09-27-55/widget_base.css?v=1734946075448
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-12-23-09-27-55/widget_app_base_1734946075448.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 56208090c97544d70a23343e2f379c1cf31521ad2f92f5f4f7acf317fba2213a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"60cbf0842fcb5517984822ba032d86fe"
age: 739
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: cZgHOdF1yY1whcpLBb3zFAqUEHWiXdXLJRuXftBZQX7BgPyfLnGKTw==
date: Tue, 24 Dec 2024 15:32:23 GMT
content-type: text/css
last-modified: Mon, 23 Dec 2024 09:30:51 GMT
vary: Accept-Encoding
x-77-nzt-ray: 4c15622462ee7ae307d46a67d88e762c
x-77-nzt: EgwBw7WqEQH3h6IBAAwBJRPCLgG3IQAAAA
cache-control: max-age=864000, public
via: 1.1 adffa554e502bb59dc89f14ddc6170ce.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 107143
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 4 KB
3 KB 18ms
17ms Image
image/svg+xml 2a02:6ea0:c700::19
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: p0-vxUgSd-jflYR2U8wvwyNMlBueuOlB_rHKuppO0K6cF9XXrp7JWQ==
date: Tue, 24 Dec 2024 15:32:23 GMT
content-type: image/svg+xml
x-77-nzt-ray: 4c15622462ee7ae307d46a67f639f22e
vary: Accept-Encoding
last-modified: Mon, 23 Dec 2024 09:31:31 GMT
x-77-nzt: EgwBw7WqEQH3h6IBAAwBnJIhHwG3IgAAAA
cache-control: max-age=25920000, public
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 107143
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:6ea0:c700::19
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: 9FL8-fZ79PjjdEewF2loaYSwJDg3lKMijH93tacs8ALPmLtAnCVFuA==
date: Tue, 24 Dec 2024 15:32:23 GMT
content-type: image/svg+xml
x-77-nzt-ray: 4c15622462ee7ae307d46a67b908f62e
vary: Accept-Encoding
last-modified: Mon, 23 Dec 2024 09:31:32 GMT
x-77-nzt: EgwBw7WqEQH3iKIBAAwBw7WvBgG3IQAAAA
cache-control: max-age=25920000, public
via: 1.1 6fa384f51cde51d7c86ee18d17ac3eaa.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 107144
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 remediation-tool.js Show response
cdn.userway.org/remediation/2024-12-23-09-27-55/paid/ 72 KB
26 KB 29ms
29ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/2024-12-23-09-27-55/paid/remediation-tool.js?ts=1734946075448
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-12-23-09-27-55/widget_app_base_1734946075448.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 57eac1082a24c4bfbd926594f0af4d36f98e3b3695973a96e238d953d7e79fbb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://halstedfinancial.com
Referer: https://halstedfinancial.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"4bb944a47acbfa9989f5f364f5b48f93"
age: 192
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: tsk4p8CODnr7CofqPHQb-RAXxK0lIkW5BIYbjvkR5TVydI4oxGXhdA==
date: Tue, 24 Dec 2024 15:32:23 GMT
content-type: application/javascript
last-modified: Mon, 23 Dec 2024 09:31:41 GMT
vary: Accept-Encoding
x-77-nzt-ray: 4c156224b1f6c0ea07d46a67b4170e2f
x-77-nzt: EgwBw7WqEQH3hqIBAAwBnJIhJwG3OQIAAA
cache-control: max-age=25920000, public
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 107142
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 IsXUFXy8HAq0wEWS.json Show response
cdn.userway.org/remediations/consolidated/3607956/ 216 B
0 0ms
0ms Fetch
application/json 2a02:6ea0:c700::19
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/3607956/IsXUFXy8HAq0wEWS.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-12-23-09-27-55/paid/remediation-tool.js?ts=1734946075448
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a9aacd0b59616bdd7fa10b89a523bb4f0b3ff95c2f791586d32ace99fb21b6eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"07bb860af6d25607e38fae36d713dc5d"
age: 1981
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: 1H0KzoNwf8fUo0mJPdd2sVwkcx8Z0AW9ccO_KtplgBZse9lq_N4R9A==
date: Tue, 24 Dec 2024 15:32:23 GMT
content-type: application/json
last-modified: Fri, 19 Jul 2024 14:39:22 GMT
x-77-nzt-ray: 4c156224b1f6c0ea07d46a675b31782c
vary: Accept-Encoding
x-77-nzt: EggBw7WqEQFBDAHDta8CAZffaAEA
cache-control: public, max-age=31536000
via: 1.1 59d552fe007f8133d3f016164f2c79aa.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 92383
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 nav_menu_helper_1734946075448.js Show response
cdn.userway.org/widgetapp/2024-12-23-09-27-55/remediation/ 23 KB
7 KB 29ms
29ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-12-23-09-27-55/remediation/nav_menu_helper_1734946075448.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-12-23-09-27-55/widget_app_base_1734946075448.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 48eef7fe61a3e2c7c88ac1c6a263bd851b6a05363607e52fd2be4e4472d42255

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://halstedfinancial.com
Referer: https://halstedfinancial.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"d5babf1f477d0f7bf4044b0693b956d9"
age: 190
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: PbZbJN6QU9OfaWoN_Iz957cGuX9GQ0YgXROJeymm82C3hd67dsMY_A==
date: Tue, 24 Dec 2024 15:32:24 GMT
content-type: application/javascript
last-modified: Mon, 23 Dec 2024 09:31:30 GMT
vary: Accept-Encoding
x-77-nzt-ray: 4c156224b1f6c0ea08d46a67afcf102f
x-77-nzt: EgwBw7WqEQH3g6IBAAwBJRPCLgG3OwIAAA
cache-control: max-age=25920000, public
via: 1.1 b61ff825a3ca0ff851caf7741034ca52.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 107139
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 alts.json Show response
cdn77.api.userway.org/api/img-dscr/v2/2yc8PysWnq/3607956/RLqwMG7OTpTSzPtD/ 640 B
744 B 70ms
69ms Fetch
application/json 2a02:6ea0:c700::18
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/2yc8PysWnq/3607956/RLqwMG7OTpTSzPtD/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fhalstedfinancial.com%2Fimages%2Fhalsted-email-reference-number.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fhalstedfinancial.com%2Fimages%2Fhalsted-letter-reference-number.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fhalstedfinancial.com%2Fimages%2Flogo%2FHalsted_Financial_BIMI.svg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%2C%22pageUrl%22%3A%22https%3A%2F%2Fhalstedfinancial.com%2Fdisputes%22%7D
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-12-23-09-27-55/paid/remediation-tool.js?ts=1734946075448
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 92c6fe141846669997dd5bb8d4770dfd456a552738e03363e2ad38f970e11642

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://halstedfinancial.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"280-1vbVGBJrg2T6/4sj5jIDe8TAr1E"
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
date: Tue, 24 Dec 2024 15:32:25 GMT
content-type: application/json; charset=utf-8
x-77-nzt-ray: f88df72e1fc504d009d46a67eb5c9638
vary: Accept-Encoding
access-control-allow-headers: *
x-77-nzt: EggBqZb/swFBDAGckiEfAbcMDQEA
cache-control: max-age=604800
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 68876
x-service-version: img-dscr-srv-4a113cec
server: CDN77-Turbo

OPTIONS
H2 200 alts.json
cdn77.api.userway.org/api/img-dscr/v2/2yc8PysWnq/3607956/RLqwMG7OTpTSzPtD/ Frame 0
0 604ms
498ms Preflight 2a02:6ea0:c700::18
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/2yc8PysWnq/3607956/RLqwMG7OTpTSzPtD/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fhalstedfinancial.com%2Fimages%2Fhalsted-email-reference-number.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fhalstedfinancial.com%2Fimages%2Fhalsted-letter-reference-number.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fhalstedfinancial.com%2Fimages%2Flogo%2FHalsted_Financial_BIMI.svg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%2C%22pageUrl%22%3A%22https%3A%2F%2Fhalstedfinancial.com%2Fdisputes%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://halstedfinancial.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
date: Tue, 24 Dec 2024 15:32:25 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EggBqZb/swAACAGckiEfAAA
x-77-nzt-ray: f88df72e1fc504d009d46a670561d91a
x-77-pop: frankfurtDE
x-service-version: img-dscr-srv-4a113cec

GET
H2 200 3607956 Show response
api.userway.org/api/br-links/v0/contribute/ 51 B
429 B 303ms
302ms Fetch
application/json 54.70.75.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/contribute/3607956
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-12-23-09-27-55/paid/remediation-tool.js?ts=1734946075448
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.70.75.209 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-70-75-209.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
etag: W/"33-H+KjAZZBE0PpJIInQTjCoPBRoaQ"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 51
date: Tue, 24 Dec 2024 15:32:26 GMT
content-type: application/json; charset=utf-8
x-service-version: apps-5b4b97f5
vary: Accept-Encoding
access-control-allow-headers: *

GET
H2 200 3607956 Show response
api.userway.org/api/br-links/v0/links/ 221 B
587 B 184ms
184ms Fetch
application/json 54.70.75.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links/3607956
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-12-23-09-27-55/paid/remediation-tool.js?ts=1734946075448
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.70.75.209 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-70-75-209.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 87143fa58adb7f7d797a39eb3b9f403d05afd0e54d9c0fecf06b860cf82feae1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://halstedfinancial.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=300, public
etag: W/"dd-btGc4Zj8Z0fz8aw4sesPNm3sDE8"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 221
date: Tue, 24 Dec 2024 15:32:26 GMT
content-type: application/json; charset=utf-8
x-service-version: apps-5b4b97f5
vary: Accept-Encoding
access-control-allow-headers: *

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 06:16:46	Name: _GRECAPTCHA Value: 09AJNbFnepy2s6bSpEwjSII618EoqejVK7VC-w8uO4488WEaRHchMejly6WqokjQQhT4SC1Ng1RNgVZmAS2YZduLs
halstedfinancial.com/	1970-01-21 01:57:41	Name: XSRF-TOKEN Value: eyJpdiI6Ikh3bzBYclk5SXBTVjdhSld0YmZRUHc9PSIsInZhbHVlIjoiWlh0OHVvUEY3TUdLRDZjQWY4R0ZvQ3BWUFhpOUlSMkl5UEJRd044YjZ6SnJhTFZkYk1HNzJpTWN3ZWRVUE1sNEJHU291QXQ3RjMzTXphNDdsQ0h5QnpXcUV1bjVRVFM2YlR2QUdKcUcvdWgrZ1RTa2tMV1IxV0t4Z3hFSk9CTFoiLCJtYWMiOiJjNmI4YWI2YTQwNjRkOGViODMxYjM3M2I1NmVjNTU2OWJhMDEzYzc2ZGY1ZTVlODE3MDJiMzQwN2FkOTBiYzJlIn0%3D
halstedfinancial.com/	1970-01-21 01:57:41	Name: laravel_session Value: eyJpdiI6IkJNaG81MjMwQlpXMmJ2SW5OUVVhOWc9PSIsInZhbHVlIjoidUovRHhyWHV3blZVTXFBSnJOcWFuSWMzYWpkRU83cFZlVERUc3lla1NmY3QxOEd5eUxCRW1XQ2d1VEd2TGxoemEwaFNyNndKcDFiYjVNWjdwUyt2NjloQ2pySzMwSjlyS1kwaXgzQ3c2ZmRMSHdodnBneUZoT2M2SjE0Ujl1SHYiLCJtYWMiOiI4MDg1OWQyZjY4YTMwMjdmNGY2YjlhOGExZWU3Nzg4OTRmNmQwOWQ2ZDc4ZmJlYzIzOWM1Y2VjN2ZmMjcyODI0In0%3D
.halstedfinancial.com/	1970-01-21 04:07:10	Name: _gcl_au Value: 1.1.697912491.1735054342
.halstedfinancial.com/	1970-01-21 04:07:10	Name: _fbp Value: fb.1.1735054342422.83853544466903966
.halstedfinancial.com/	1970-01-21 11:33:34	Name: _ga_0CHJ1VDCR4 Value: GS1.1.1735054342.1.0.1735054342.60.0.0
.halstedfinancial.com/	1970-01-21 11:33:34	Name: _ga Value: GA1.2.1903970467.1735054343
.halstedfinancial.com/	1970-01-21 01:59:00	Name: _gid Value: GA1.2.662852207.1735054343
.halstedfinancial.com/	1970-01-21 01:57:34	Name: _gat_gtag_UA_161726328_2 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.userway.org
cdn.userway.org
cdn77.api.userway.org
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
halstedfinancial.com
maxcdn.bootstrapcdn.com
region1.analytics.google.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
104.17.25.14
104.18.10.207
142.250.185.132
142.250.185.195
157.240.0.6
157.240.252.35
172.217.16.195
172.67.164.71
2001:4860:4802:34::36
2a00:1450:4001:808::200e
2a00:1450:4001:809::200a
2a00:1450:4001:810::2003
2a00:1450:4001:827::200a
2a00:1450:4001:830::2008
2a00:1450:400c:c0c::9d
2a02:6ea0:c700::18
2a02:6ea0:c700::19
54.70.75.209
0821896b176c388bc6679a024069429a6baee7db02c7cf07c5ce529a11ab4f99
1530261c40f61bf69efd3d699c8b9be12090deea5b64a97168ef5e6877e494b7
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
229980920becffda3490bef9f384f3334f3476e123ac672180c4295630b39e25
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
43070a371321f566b339e15d13c54b1d7e2c1603d33aa2bc85f6e641210bf78a
483678f5b63e16230b6a3e0678f2a4af7cf597857a7def4cb912a11103eea501
48eef7fe61a3e2c7c88ac1c6a263bd851b6a05363607e52fd2be4e4472d42255
5241c528ac2f660f2476ae0b461500755c8b2d6fd968cf35c3df27796d5df220
56208090c97544d70a23343e2f379c1cf31521ad2f92f5f4f7acf317fba2213a
57eac1082a24c4bfbd926594f0af4d36f98e3b3695973a96e238d953d7e79fbb
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
639ed2c774e21ee7a8c304a00f1fc986e8dd63bf88ae89f8b4d37b413275b888
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6993e457cd1497ccb9cb730bff61be77d038aaa64f15e631b189172b2ff487e7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7a1010d9ac2bb6df3745d2b4d37009c6f402d0d254c94f0c25ed35ff7a54f902
7ca0fc3ee3909df6c72842efe041431a08fc22004d9db2edfb935354a4ec9899
7d1fe233a869ca157fae79e88527a2b21b1c5060c9101e6a7c4493fc2b3b852f
7d60b316a4cb17b4ca8ef29145be3f6bfabb44547ad098135071d42bf979bc8e
828a7f6543f928e070a3450c256881b1e812061862d4919b14d490c700f2585d
8372c31cdf8b12c0d24f2982a3a3457111a471f84226027d3c2f0869a11ed39a
83afd33554955714c32c1908270b7c14c7557da2968cd77e3e9cfb230a43a16f
8694091227f6f34a6acb8dda867cab6f129cb19ee794a75ebd434793d4066e5a
87143fa58adb7f7d797a39eb3b9f403d05afd0e54d9c0fecf06b860cf82feae1
8b1f2f2083d9ec3c524ceb4e5fa914c389041839b60b3f34e12520ab4f08fa84
920871fb65adf90b2c3998a8496c900f7ffb7a722af75ce51d1135bf4b021adf
92c6fe141846669997dd5bb8d4770dfd456a552738e03363e2ad38f970e11642
936489a272c99ed4fdf4216c903046460ab339fa166ae252af1c3e4159b13505
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a9aacd0b59616bdd7fa10b89a523bb4f0b3ff95c2f791586d32ace99fb21b6eb
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
af137c8761deaa9996e93d9fc56e7aee3c4271d7f575c9cfd9f1e65f998c6e18
b2a54ddcb9f6bf8fa90b9e10e368a72c87401ea64a198c3b7fb769a9e1b36993
b7da61c7eccb6e79649240ea72cb0b3603c21ad62c0e8965949a74f49415fcdd
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de
cd09ff8d5635ca4fe9d78673cb2c76cf07842f1c7f55f2860a71d7ad92135183
d82fd151d698eed168944555139433e987af3cbd612b02f2338daf5f02a6ac50
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1a8ee93ad6953da65f742e18989953c4d526af929c477a40c5444582f8ca423
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e9c8c33b33ef257e403bfe3db214ea593b17bd28b414f589e75d34b3deb60fb4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef73eb8a2f8a8d1a6427f1d6ebe5d02d86954960d1d8ed25c07741916bd642bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f7dd5b56ba24aa2481878ef6155bcff9b4078efc8fdf1ee5b228d85f3d6b8685
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

halstedfinancial.com Open in urlscan Pro 172.67.164.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

59 Requests

100 %HTTPS

50 %IPv6

13 Domains

18 Subdomains

19 IPs

4 Countries

1177 kBTransfer

3205 kBSize

9 Cookies

9 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

halstedfinancial.com Open in urlscan Pro
172.67.164.71 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

100 %
HTTPS

50 %
IPv6

13
Domains

18
Subdomains

19
IPs

4
Countries

1177 kB
Transfer

3205 kB
Size

9
Cookies

59 HTTP transactions
1 data transactions