www.greenfinancialgrp.com Open in urlscan Pro
35.166.50.210 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.e2ma.net/click/acwbed/ef5f71v/evl3ws
Effective URL:
https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business
Submission: On March 26 via manual (March 26th 2021, 4:16:04 am UTC) from US

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 51 HTTP transactions. The main IP is 35.166.50.210, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.greenfinancialgrp.com.
TLS certificate: Issued by R3 on January 26th 2021. Valid for: 3 months.

This is the only time www.greenfinancialgrp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.4.192.32 52.4.192.32	14618 (AMAZON-AES) (AMAZON-AES)
9	35.166.50.210 35.166.50.210	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e6:... 2606:4700:e6::ac40:ca1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2016	15169 (GOOGLE) (GOOGLE)
51	15

1 52.4.192.32 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-192-32.compute-1.amazonaws.com

t.e2ma.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.166.50.210 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-50-210.us-west-2.compute.amazonaws.com

www.greenfinancialgrp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:ca1c (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	gstatic.com www.gstatic.com fonts.gstatic.com	589 KB
9	youtube.com www.youtube.com	686 KB
9	greenfinancialgrp.com www.greenfinancialgrp.com	1 MB
6	google.com www.google.com	31 KB
4	google-analytics.com www.google-analytics.com	20 KB
4	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	23 KB
2	doubleclick.net googleads.g.doubleclick.net static.doubleclick.net	1 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	7 KB
2	jsdelivr.net cdn.jsdelivr.net	35 KB
1	ytimg.com i.ytimg.com	138 KB
1	ggpht.com yt3.ggpht.com	2 KB
1	e2ma.net 1 redirects t.e2ma.net	271 B
51	12

	Domain	Requested by
9	www.youtube.com	www.greenfinancialgrp.com www.youtube.com
9	www.greenfinancialgrp.com	www.greenfinancialgrp.com
6	www.gstatic.com	www.google.com www.youtube.com
6	www.google.com	www.greenfinancialgrp.com www.gstatic.com www.youtube.com www.google.com
5	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
4	www.google-analytics.com	www.greenfinancialgrp.com www.google-analytics.com
3	ka-f.fontawesome.com	kit.fontawesome.com
2	cdn.jsdelivr.net	www.greenfinancialgrp.com cdn.jsdelivr.net
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	googleads.g.doubleclick.net	www.youtube.com
1	fonts.googleapis.com	ajax.googleapis.com
1	ajax.googleapis.com	www.greenfinancialgrp.com
1	kit.fontawesome.com	www.greenfinancialgrp.com
1	t.e2ma.net	1 redirects
51	16

This site contains no links.

Subject Issuer	Validity	Valid
greenfinancialgrp.us1.advisor.ws R3	`2021-01-26` - `2021-04-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-25` - `2022-03-26`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-13` - `2021-10-12`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business
Frame ID: 1D9A41A707418659A786B11AB12EF189
Requests: 27 HTTP requests in this frame

Frame: https://www.youtube.com/embed/_Gb_0fZA65Y?rel=0
Frame ID: 50EB2A392520215DA79CE217A1DDC785
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHFhUTAAAAABKy3nx_uNR_KMbsVpPkRMIooOCW&co=aHR0cHM6Ly93d3cuZ3JlZW5maW5hbmNpYWxncnAuY29tOjQ0Mw..&hl=en&type=image&v=5mNs27FP3uLBP3KBPib88r1g&theme=light&size=normal&cb=fvq52wbz0p7f
Frame ID: 8E9509DFE86813C2E82CA2DC3FDEE67B
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6LfHFhUTAAAAABKy3nx_uNR_KMbsVpPkRMIooOCW&cb=e0e94lr7i6vx
Frame ID: EF96AA0C2469C51A94E7C4C272D05BCB
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.e2ma.net/click/acwbed/ef5f71v/evl3ws HTTP 302
https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business Page URL

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

51
Requests

100 %
HTTPS

87 %
IPv6

12
Domains

16
Subdomains

15
IPs

2
Countries

2806 kB
Transfer

8664 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.e2ma.net/click/acwbed/ef5f71v/evl3ws HTTP 302
https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request reaction-business-vs-prediction-business Show response
www.greenfinancialgrp.com/blog-01/
Redirect Chain

https://t.e2ma.net/click/acwbed/ef5f71v/evl3ws
https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business

60 KB
17 KB

1026ms
374ms

Document
text/html

35.166.50.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.166.50.210 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-50-210.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

51b3e5f750e4092cad84d14bd6d4cadffe41ef57e2899b60a31b0a2865661149

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.greenfinancialgrp.com
:scheme: https
:path: /blog-01/reaction-business-vs-prediction-business
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx/1.18.0
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Cookie
cache-control: max-age=86400, public no-store, no-cache, must-revalidate, post-check=0, pre-check=0
date: Wed, 24 Mar 2021 16:23:37 GMT
x-drupal-dynamic-cache: MISS
link: <https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business>; rel="canonical" <https://www.greenfinancialgrp.com/node/1130>; rel="shortlink" <https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business>; rel="revision"
x-ua-compatible: IE=edge
content-language: en
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Wed, 24 Mar 2021 16:23:36 GMT
etag: W/"1616603016"
x-generator: Drupal 8 (https://www.drupal.org)
x-drupal-cache-ratio: 0.97604790419162
strict-transport-security: max-age=15552000
x-drupal-cache: HIT
x-speed-cache: BYPASS
x-speed-cache-key: /blog-01/reaction-business-vs-prediction-business
x-nocache: Cache
x-server-name: greenfinancialgrp.us1.advisor.ws
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-encoding: br

Redirect headers

Content-Type: text/plain
Date: Fri, 26 Mar 2021 04:15:13 GMT
Location: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business
Server: Apache
X-Robots-Tag: noindex, nofollow
Content-Length: 0
Connection: keep-alive

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
647 B 18ms
15ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Host: www.greenfinancialgrp.com
URL: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2717dcc1ddd778f68223461ebd53610370e7617b6c74366bfc16a1e6e979cc58

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.greenfinancialgrp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 04:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Fri, 26 Mar 2021 04:15:14 GMT

GET
H2 200 css_c67TNsSfblXdef_v8hdIU8MNmG8F-6Ny2hMSs_e1Ry4.css
www.greenfinancialgrp.com/sites/greenfinancialgrp.us1.advisor.ws/files/css/ 31 KB
7 KB 214ms
211ms Stylesheet
text/css 35.166.50.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.greenfinancialgrp.com/sites/greenfinancialgrp.us1.advisor.ws/files/css/css_c67TNsSfblXdef_v8hdIU8MNmG8F-6Ny2hMSs_e1Ry4.css

Requested by

Host: www.greenfinancialgrp.com
URL: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.166.50.210 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-50-210.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

73aed336c49f6e55dd79ffeff2174853c30d986f05fba372da1312b3f7b5472e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 04:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Jan 2021 19:32:29 GMT
server: nginx/1.18.0
etag: "600f1ccd-1b76"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 7030
x-xss-protection: 1; mode=block
x-isnaked-redirected: NO

GET
H2 200 foundation-icons.min.css
cdn.jsdelivr.net/foundation-icons/3.0/ 17 KB
4 KB 40ms
8ms Stylesheet
text/css 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/foundation-icons/3.0/foundation-icons.min.css

Requested by

Host: www.greenfinancialgrp.com
URL: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4583267bc4084d808f5832f3397b30913b0fbb5b637801363326fb2a277f2416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.greenfinancialgrp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 102612
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3542
etag: W/"440c-3pFuUHv0dYilm9845JTufYMiDIo"
x-served-by: cache-fra19145-FRA
date: Fri, 26 Mar 2021 04:15:14 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css_CPjPwVTI5xttRvknzfKLCOAXY1bYZHg2XBtv1BxEZnA.css
www.greenfinancialgrp.com/sites/greenfinancialgrp.us1.advisor.ws/files/css/ 3 MB
335 KB 228ms
225ms Stylesheet
text/css 35.166.50.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.greenfinancialgrp.com/sites/greenfinancialgrp.us1.advisor.ws/files/css/css_CPjPwVTI5xttRvknzfKLCOAXY1bYZHg2XBtv1BxEZnA.css

Requested by

Host: www.greenfinancialgrp.com
URL: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.166.50.210 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-50-210.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

08f8cfc154c8e71b6d46f927cdf28b08e0176356d86478365c1b6fd41c446670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 04:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 05:53:13 GMT
server: nginx/1.18.0
etag: "604ef649-53903"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 342275
x-xss-protection: 1; mode=block
x-isnaked-redirected: NO

GET
H2 200 e221a1e9b1.js Show response
kit.fontawesome.com/ 11 KB
4 KB 70ms
39ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/e221a1e9b1.js

Requested by

Host: www.greenfinancialgrp.com
URL: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2570ec2e9590ff8872d36959edcb4c32efa72034e4a8e344786d8b75192f71c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Origin: https://www.greenfinancialgrp.com
Referer: https://www.greenfinancialgrp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 04:15:14 GMT
content-encoding: gzip
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status: MISS
strict-transport-security: max-age=31536000; preload
cf-request-id: 090e57675d0000d705cb1dc000000001
x-request-id: Fm_JSuhxLYrNE2s0O80B
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
cf-ray: 635d8e856fafd705-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 GFG%2520Texas%2520with%2520Green.png%2520%25281%2529_3.png
www.greenfinancialgrp.com/sites/greenfinancialgrp.us1.advisor.ws/files/styles/max_650x650/public/images/ 16 KB
17 KB 226ms
224ms Image
image/png 35.166.50.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.greenfinancialgrp.com/sites/greenfinancialgrp.us1.advisor.ws/files/styles/max_650x650/public/images/GFG%2520Texas%2520with%2520Green.png%2520%25281%2529_3.png?itok=8RhtK4e0

Requested by

Host: www.greenfinancialgrp.com
URL: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.166.50.210 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-50-210.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

4f7ab515c1fbcaa1efa0a285fb5319959ea07a7cf40c759d21e91fc9b0d9afaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 04:15:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 Aug 2020 15:55:34 GMT
server: nginx/1.18.0
etag: "5f3410f6-4148"
content-type: image/png
access-control-allow-origin: *
expires: Sun, 25 Apr 2021 04:15:15 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16712
x-xss-protection: 1; mode=block
x-isnaked-redirected: NO

GET
H2 200 03-16_green_youtube.jpg
www.greenfinancialgrp.com/sites/greenfinancialgrp.us1.advisor.ws/files/styles/max_1300x1300/public/images/ 113 KB
113 KB 263ms
261ms Image
image/jpeg 35.166.50.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.greenfinancialgrp.com/sites/greenfinancialgrp.us1.advisor.ws/files/styles/max_1300x1300/public/images/03-16_green_youtube.jpg?itok=KNw2KRS2

Requested by

Host: www.greenfinancialgrp.com
URL: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.166.50.210 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-50-210.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

e6c7ea463cb9fc35b65708d4cf96738d90871e5396a50f4536d1848c0d1544ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 04:15:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 20:03:07 GMT
server: nginx/1.18.0
etag: "6058f7fb-1c3fb"
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 25 Apr 2021 04:15:15 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 115707
x-xss-protection: 1; mode=block
x-isnaked-redirected: NO

GET
H2 200 colored-small.png
www.greenfinancialgrp.com/modules/custom/themes/images/brokercheck-icons/ 10 KB
11 KB 268ms
266ms Image
image/png 35.166.50.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.greenfinancialgrp.com/modules/custom/themes/images/brokercheck-icons/colored-small.png

Requested by

Host: www.greenfinancialgrp.com
URL: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.166.50.210 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-50-210.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

92ebc5eb51c7f516c514dcb4ddebdd12e0ef0c3497ceae8534275fc5ae6a579a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 04:15:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 31 Jul 2020 18:34:11 GMT
server: nginx/1.18.0
etag: "5f246423-29db"
content-type: image/png
access-control-allow-origin: *
expires: Sun, 25 Apr 2021 04:15:15 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10715
x-xss-protection: 1; mode=block
x-isnaked-redirected: NO

GET
H2 200 js_A6-03P6rW1i18kCej80zWQolTN4DxViIdrNTK4cHvag.js Show response
www.greenfinancialgrp.com/sites/greenfinancialgrp.us1.advisor.ws/files/js/ 131 KB
45 KB 542ms
542ms Script
application/javascript 35.166.50.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.greenfinancialgrp.com/sites/greenfinancialgrp.us1.advisor.ws/files/js/js_A6-03P6rW1i18kCej80zWQolTN4DxViIdrNTK4cHvag.js

Requested by

Host: www.greenfinancialgrp.com
URL: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.166.50.210 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-50-210.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

03afb4dcfeab5b58b5f2409e8fcd33590a254cde03c5588876b3532b8707bda8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 04:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Jan 2021 19:32:30 GMT
server: nginx/1.18.0
etag: "600f1cce-b31c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 45852
x-xss-protection: 1; mode=block
x-isnaked-redirected: NO

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.greenfinancialgrp.com
URL: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.greenfinancialgrp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 466
date: Fri, 26 Mar 2021 04:07:29 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 26 Mar 2021 06:07:29 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.greenfinancialgrp.com
URL: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.greenfinancialgrp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 12:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55361
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Mar 2022 12:52:34 GMT

GET
H2 200 js_3tOxu_ZmvH0L0fhlPXBazq_TvqnXK7ktYHRqj-c69og.js Show response
www.greenfinancialgrp.com/sites/greenfinancialgrp.us1.advisor.ws/files/js/ 333 KB
56 KB 208ms
205ms Script
application/javascript 35.166.50.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.greenfinancialgrp.com/sites/greenfinancialgrp.us1.advisor.ws/files/js/js_3tOxu_ZmvH0L0fhlPXBazq_TvqnXK7ktYHRqj-c69og.js

Requested by

Host: www.greenfinancialgrp.com
URL: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.166.50.210 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-50-210.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

ded3b1bbf666bc7d0bd1f8653d705aceafd3bea9d72bb92d60746a8fe73af688

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 04:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Feb 2021 13:40:04 GMT
server: nginx/1.18.0
etag: "602d1cb4-dfa4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-length: 57252
x-xss-protection: 1; mode=block
x-isnaked-redirected: NO

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ 332 KB
130 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.greenfinancialgrp.com
Referer: https://www.greenfinancialgrp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181692
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132755
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 04:06:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Mar 2022 01:47:03 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ 59 KB
13 KB 33ms
17ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free.min.css?token=e221a1e9b1
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e221a1e9b1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929

Request headers

Referer: https://www.greenfinancialgrp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 04:15:15 GMT
via: 1.1 87641e1239bec79625df251e657d6b44.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 211427
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 090e576acf00002c56dc8a8000000001
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"390b4210e10c744c3c597500bcf0b31a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x6jQoa8dPoqzomgiGO0RidhXZhGsU6yWdhiVgr9tejk7An%2BWFAVfM%2BM1OLZKh3R%2FX5fgzgDckoIoZGNL4VMDmjr2eQxIa898PPWsbj3smUb7y3hw30R3KlJjaTZH8W9wPg%3D%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: LHR62-C3
cf-ray: 635d8e8aee002c56-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: QV0ZmOgBswrzUPfdpbyX36vxWomx9SfDE6cKGaDz39fa6fQrkHsv7w==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ 26 KB
4 KB 43ms
26ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-shims.min.css?token=e221a1e9b1
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e221a1e9b1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af

Request headers

Referer: https://www.greenfinancialgrp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 04:15:15 GMT
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 090e576acf00002c56d131b000000001
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"8a99ce81ec2f89fbca03f2c8cf1a3679"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CYQH4gS4rHoi6ZCpiBwwpyc8931GWRTIsRugJA6S3G7eqq3f4Rjjj9Xh3uDspii97JjVD1QOIGqIdT7xX0aTPEAmmKk4DhFEVLwndY4B05Iyahnhi6YjeFoMp4%2BS8NsrSw%3D%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 635d8e8aee012c56-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: nz7Rkw-PRg15xJWBgQXWFIG-W-Wf6EGP23vvDMPq7qegsjTgyf5q2A==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ 3 KB
2 KB 32ms
16ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-font-face.min.css?token=e221a1e9b1
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e221a1e9b1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086

Request headers

Referer: https://www.greenfinancialgrp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 04:15:15 GMT
via: 1.1 7654e8d5fbf72d40d262281571df7baf.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 211427
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 090e576acf00002c56f5a6b000000001
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"22be82a519ceafc43258d8f58a37fcf5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=657gTPTamkuYUuFlgkagnRJK0uBFp5M8zKlHdNR9wyj2B%2FIGMEQhuIv1lZkZ9%2FTT5rrUAgPlbR70YT68yuH6832UUEE9rkDzGDDwy3jK6lFV1VVuGqr7aDskmp3wYrHnBA%3D%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: LHR62-C3
cf-ray: 635d8e8aee022c56-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: XoBBmapVAVZDLle0xp_PLnpZSh25JAiWUP1sCivMM0hldtYozhQ-5A==

GET
H2 200 _Gb_0fZA65Y Show response
www.youtube.com/embed/ Frame 50EB 50 KB
22 KB 99ms
69ms Document
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/_Gb_0fZA65Y?rel=0

Requested by

Host: www.greenfinancialgrp.com
URL: https://www.greenfinancialgrp.com/blog-01/reaction-business-vs-prediction-business

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8262747ffc10e552657cfbffd9af09352f569de022c3ac45e3ced1139591b025

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/_Gb_0fZA65Y?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.greenfinancialgrp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.greenfinancialgrp.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Mar 2021 04:15:15 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=3xMoJ1vK2Xs; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=JiWS6OkKmGo; Domain=.youtube.com; Expires=Wed, 22-Sep-2021 04:15:15 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+931; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 banner-bluebonnets.jpg
www.greenfinancialgrp.com/sites/greenfinancialgrp.us1.advisor.ws/files/styles/max_2600x2600/public/images/ 671 KB
672 KB 250ms
250ms Image
image/jpeg 35.166.50.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.greenfinancialgrp.com/sites/greenfinancialgrp.us1.advisor.ws/files/styles/max_2600x2600/public/images/banner-bluebonnets.jpg?itok=uJU-kF60

Requested by

Host: www.greenfinancialgrp.com
URL: https://www.greenfinancialgrp.com/sites/greenfinancialgrp.us1.advisor.ws/files/css/css_CPjPwVTI5xttRvknzfKLCOAXY1bYZHg2XBtv1BxEZnA.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.166.50.210 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-50-210.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.greenfinancialgrp.com/sites/greenfinancialgrp.us1.advisor.ws/files/css/css_CPjPwVTI5xttRvknzfKLCOAXY1bYZHg2XBtv1BxEZnA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 04:15:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Jul 2020 18:30:48 GMT
server: nginx/1.18.0
etag: "5efe27d8-a7ce7"
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 25 Apr 2021 04:15:15 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 687335
x-xss-protection: 1; mode=block
x-isnaked-redirected: NO

GET
H2 200 foundation-icons.woff
cdn.jsdelivr.net/foundation-icons/3.0/ 31 KB
32 KB 19ms
6ms Font
font/woff 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/foundation-icons/3.0/foundation-icons.woff

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/foundation-icons/3.0/foundation-icons.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.greenfinancialgrp.com
Referer: https://cdn.jsdelivr.net/foundation-icons/3.0/foundation-icons.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 102311
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 32020
etag: W/"7d14-ES+w5JgDfy/qA2rbgQXkdjgVnqo"
x-served-by: cache-fra19179-FRA
date: Fri, 26 Mar 2021 04:15:15 GMT
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
888 B 9ms
9ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.greenfinancialgrp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 03:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3130
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Fri, 26 Mar 2021 04:23:05 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/38c5f870/ Frame 50EB 339 KB
51 KB 37ms
21ms Stylesheet
text/css 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/38c5f870/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_Gb_0fZA65Y?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c6de398b00be04297ce1aebdf24eed587464488127326a6611438bc65dc26e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_Gb_0fZA65Y?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 00:19:11 GMT
server: sffe
age: 221387
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52118
x-xss-protection: 0
expires: Wed, 23 Mar 2022 14:45:28 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/38c5f870/www-embed-player.vflset/ Frame 50EB 161 KB
59 KB 35ms
19ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/38c5f870/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_Gb_0fZA65Y?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f47665d4cc35069e17635c7584d07b44765a0634fad1475d8a6a0a163c6d246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_Gb_0fZA65Y?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 13:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 00:19:11 GMT
server: sffe
age: 53475
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59582
x-xss-protection: 0
expires: Fri, 25 Mar 2022 13:24:00 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/ Frame 50EB 2 MB
507 KB 47ms
32ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_Gb_0fZA65Y?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e0d14229ae0f4d80a6e75cf1344fd3d32cccfa42e39ee154993eea24064eb63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_Gb_0fZA65Y?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 00:19:11 GMT
server: sffe
age: 23264
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 519271
x-xss-protection: 0
expires: Fri, 25 Mar 2022 21:47:31 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/38c5f870/fetch-polyfill.vflset/ Frame 50EB 8 KB
8 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/38c5f870/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_Gb_0fZA65Y?rel=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_Gb_0fZA65Y?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 23:46:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 00:19:11 GMT
server: sffe
age: 102504
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8543
x-xss-protection: 0
expires: Thu, 24 Mar 2022 23:46:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 50EB 15 KB
15 KB 10ms
3ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_Gb_0fZA65Y?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:51:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 527000
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Sun, 20 Mar 2022 01:51:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
902 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700%7CRaleway:400,300,400italic,700,700italic%7CMontserrat:400,700%7CMontserrat:400,700%7CMontserrat:400,700&subset=latin,latin,latin,latin,latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

232e2271004b27a93138ba81511552ed95a2cdb052d9b5150cb9cb1449bfd7a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.greenfinancialgrp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Mar 2021 04:15:15 GMT
server: ESF
date: Fri, 26 Mar 2021 04:15:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Mar 2021 04:15:15 GMT

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame 8E95 20 KB
11 KB 26ms
25ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHFhUTAAAAABKy3nx_uNR_KMbsVpPkRMIooOCW&co=aHR0cHM6Ly93d3cuZ3JlZW5maW5hbmNpYWxncnAuY29tOjQ0Mw..&hl=en&type=image&v=5mNs27FP3uLBP3KBPib88r1g&theme=light&size=normal&cb=fvq52wbz0p7f

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eIZbQYvI7X4kaI/6/aXhQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfHFhUTAAAAABKy3nx_uNR_KMbsVpPkRMIooOCW&co=aHR0cHM6Ly93d3cuZ3JlZW5maW5hbmNpYWxncnAuY29tOjQ0Mw..&hl=en&type=image&v=5mNs27FP3uLBP3KBPib88r1g&theme=light&size=normal&cb=fvq52wbz0p7f
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.greenfinancialgrp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.greenfinancialgrp.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Mar 2021 04:15:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-eIZbQYvI7X4kaI/6/aXhQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10884
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
75 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=2041914554&t=pageview&_s=1&dl=https%3A%2F%2Fwww.greenfinancialgrp.com%2Fblog-01%2Freaction-business-vs-prediction-business&ul=en-us&de=UTF-8&dt=The%20Reaction%20Business%20vs.%20the%20Prediction%20Business%20%7C%20Green%20Financial%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEIhAAAAAC~&jid=818531561&gjid=1835429029&cid=529081311.1616732116&tid=UA-8316478-16&_gid=998889662.1616732116&_r=1&_slc=1&cd5=false&cd1=greenfinancialgrp&cd2=2201&cd3=3490&cd9=0.975609756097561&cd8=0&cd7=ascend&z=1361127342

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.greenfinancialgrp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Mar 2021 04:15:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.greenfinancialgrp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=2041914554&t=pageview&_s=1&dl=https%3A%2F%2Fwww.greenfinancialgrp.com%2Fblog-01%2Freaction-business-vs-prediction-business&ul=en-us&de=UTF-8&dt=The%20Reaction%20Business%20vs.%20the%20Prediction%20Business%20%7C%20Green%20Financial%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEIhAAAAAC~&jid=1480182498&gjid=1921018369&cid=529081311.1616732116&tid=UA-180163353-1&_gid=998889662.1616732116&_r=1&_slc=1&z=1166308715

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.greenfinancialgrp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Mar 2021 04:15:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.greenfinancialgrp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CRaleway:400,300,400italic,700,700italic%7CMontserrat:400,700%7CMontserrat:400,700%7CMontserrat:400,700&subset=latin,latin,latin,latin,latin

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.greenfinancialgrp.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:14:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
age: 590427
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
expires: Sat, 19 Mar 2022 08:14:49 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.greenfinancialgrp.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 02:34:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 92430
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
expires: Fri, 25 Mar 2022 02:34:46 GMT

GET
H3-Q050 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v19/ 46 KB
46 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.greenfinancialgrp.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 06:34:42 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:37:32 GMT
server: sffe
age: 510034
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47272
x-xss-protection: 0
expires: Sun, 20 Mar 2022 06:34:42 GMT

GET
H3-Q050 200 1Ptsg8zYS_SKggPNyCg4TYFq.woff2
fonts.gstatic.com/s/raleway/v19/ 48 KB
48 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptsg8zYS_SKggPNyCg4TYFq.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71867ca10f1cd0c8ff620addb9fc27494f1681f0359a9e3fc8a0e26b7f93a102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.greenfinancialgrp.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 03:17:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:22:16 GMT
server: sffe
age: 3472
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49400
x-xss-protection: 0
expires: Sat, 26 Mar 2022 03:17:24 GMT

GET
H2 200 id
googleads.g.doubleclick.net/pagead/ Frame 50EB 113 B
945 B 37ms
14ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/38c5f870/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 04:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js
static.doubleclick.net/instream/ Frame 50EB 29 B
406 B 27ms
5ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/38c5f870/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 04:11:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 252
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Fri, 26 Mar 2021 04:26:04 GMT

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 8E95 50 KB
25 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHFhUTAAAAABKy3nx_uNR_KMbsVpPkRMIooOCW&co=aHR0cHM6Ly93d3cuZ3JlZW5maW5hbmNpYWxncnAuY29tOjQ0Mw..&hl=en&type=image&v=5mNs27FP3uLBP3KBPib88r1g&theme=light&size=normal&cb=fvq52wbz0p7f

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 13:54:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 04:06:11 GMT
server: sffe
age: 51654
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Fri, 25 Mar 2022 13:54:22 GMT

GET
H3-Q050 200 recaptcha__en.js
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 8E95 332 KB
130 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181693
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132755
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 04:06:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Mar 2022 01:47:03 GMT

GET
H3-Q050 200 remote.js
www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/ Frame 50EB 97 KB
32 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_Gb_0fZA65Y?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 00:19:11 GMT
server: sffe
age: 220834
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32696
x-xss-protection: 0
expires: Wed, 23 Mar 2022 14:54:42 GMT

GET
H3-Q050 200 zo4Agt5SJcnoXNS4M1MG4WyhXvbc_d-XVm4sRsRj_20.js
www.google.com/js/th/ Frame 50EB 33 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/zo4Agt5SJcnoXNS4M1MG4WyhXvbc_d-XVm4sRsRj_20.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 10:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:00:00 GMT
server: sffe
age: 62217
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12627
x-xss-protection: 0
expires: Fri, 25 Mar 2022 10:58:19 GMT

GET
H3-Q050 200 embed.js
www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/ Frame 50EB 24 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_Gb_0fZA65Y?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:54:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 00:19:11 GMT
server: sffe
age: 220853
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7471
x-xss-protection: 0
expires: Wed, 23 Mar 2022 14:54:23 GMT

GET
DATA 200
OK truncated
/ Frame 50EB 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwnjcq-eMKJtiaDAJ6l-sLcVM1iWGrJZJ16YnblmEEA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 50EB 2 KB
2 KB 384ms
364ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnjcq-eMKJtiaDAJ6l-sLcVM1iWGrJZJ16YnblmEEA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_Gb_0fZA65Y?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 04:15:16 GMT
x-content-type-options: nosniff
server: fife
etag: "vc4"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1691
x-xss-protection: 0
expires: Sat, 27 Mar 2021 04:15:16 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/_Gb_0fZA65Y/ Frame 50EB 138 KB
138 KB 94ms
69ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/_Gb_0fZA65Y/maxresdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_Gb_0fZA65Y?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 04:15:16 GMT
x-content-type-options: nosniff
server: sffe
etag: "1615992505"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141374
x-xss-protection: 0
expires: Fri, 26 Mar 2021 06:15:16 GMT

GET
H3-Q050 200 zcxQtLYtZ5G2GyVY9VDwmkIUYDda59fqP0Xt7tDIOBI.js
www.google.com/js/bg/ Frame 8E95 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/zcxQtLYtZ5G2GyVY9VDwmkIUYDda59fqP0Xt7tDIOBI.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHFhUTAAAAABKy3nx_uNR_KMbsVpPkRMIooOCW&co=aHR0cHM6Ly93d3cuZ3JlZW5maW5hbmNpYWxncnAuY29tOjQ0Mw..&hl=en&type=image&v=5mNs27FP3uLBP3KBPib88r1g&theme=light&size=normal&cb=fvq52wbz0p7f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 06:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:00:00 GMT
server: sffe
age: 165965
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5719
x-xss-protection: 0
expires: Thu, 24 Mar 2022 06:09:11 GMT

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/api2/ Frame 8E95 102 B
180 B 18ms
17ms Other
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=5mNs27FP3uLBP3KBPib88r1g

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHFhUTAAAAABKy3nx_uNR_KMbsVpPkRMIooOCW&co=aHR0cHM6Ly93d3cuZ3JlZW5maW5hbmNpYWxncnAuY29tOjQ0Mw..&hl=en&type=image&v=5mNs27FP3uLBP3KBPib88r1g&theme=light&size=normal&cb=fvq52wbz0p7f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 04:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 26 Mar 2021 04:15:16 GMT

GET
H3-Q050 200 cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 50EB 4 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 04:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Fri, 26 Mar 2021 04:15:16 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame 50EB 0
38 B 8ms
7ms Image
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?SDYtkg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/_Gb_0fZA65Y?rel=0
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.youtube.com/embed/_Gb_0fZA65Y?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 04:15:16 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 200 bframe
www.google.com/recaptcha/api2/ Frame EF96 7 KB
1 KB 17ms
16ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6LfHFhUTAAAAABKy3nx_uNR_KMbsVpPkRMIooOCW&cb=e0e94lr7i6vx

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4g+z195Ms7MDBFtXZmzE4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6LfHFhUTAAAAABKy3nx_uNR_KMbsVpPkRMIooOCW&cb=e0e94lr7i6vx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.greenfinancialgrp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.greenfinancialgrp.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Mar 2021 04:15:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-4g+z195Ms7MDBFtXZmzE4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1112
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame EF96 50 KB
25 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6LfHFhUTAAAAABKy3nx_uNR_KMbsVpPkRMIooOCW&cb=e0e94lr7i6vx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 13:54:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 04:06:11 GMT
server: sffe
age: 51654
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Fri, 25 Mar 2022 13:54:22 GMT

GET
H3-Q050 200 recaptcha__en.js
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame EF96 332 KB
130 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6LfHFhUTAAAAABKy3nx_uNR_KMbsVpPkRMIooOCW&cb=e0e94lr7i6vx

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181693
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132755
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 04:06:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Mar 2022 01:47:03 GMT

POST
H3-Q050 200 log_event
www.youtube.com/youtubei/v1/ Frame 50EB 28 B
305 B 20ms
19ms XHR
application/json 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/38c5f870/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/_Gb_0fZA65Y?rel=0
X-YouTube-Client-Version: 1.20210322.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtKaVdTNk9rS21HbyjTv_WCBg%3D%3D
X-YouTube-Ad-Signals: dt=1616732116111&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C651%2C366&vis=1&wgl=true&ca_type=image&bid=ANyPxKqFGAt2Nd_YDLMLmlXf0qRXJnd4b-AXmj9mLIlN0Y7Aa8ZEjtve1vr94DJ9KIYAhSvj5fDmzzXKj1Ah6U3kyuFWGqF-NQ

Response headers

date: Fri, 26 Mar 2021 04:15:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 26 Mar 2021 04:15:26 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
ka-f.fontawesome.com
kit.fontawesome.com
static.doubleclick.net
t.e2ma.net
www.google-analytics.com
www.google.com
www.greenfinancialgrp.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
2606:4700::6812:1734
2606:4700:e6::ac40:ca1c
2a00:1450:4001:801::2006
2a00:1450:4001:802::200e
2a00:1450:4001:803::200a
2a00:1450:4001:809::2016
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2003
2a04:4e42:3::621
35.166.50.210
52.4.192.32
03afb4dcfeab5b58b5f2409e8fcd33590a254cde03c5588876b3532b8707bda8
08f8cfc154c8e71b6d46f927cdf28b08e0176356d86478365c1b6fd41c446670
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
1f47665d4cc35069e17635c7584d07b44765a0634fad1475d8a6a0a163c6d246
232e2271004b27a93138ba81511552ed95a2cdb052d9b5150cb9cb1449bfd7a9
2570ec2e9590ff8872d36959edcb4c32efa72034e4a8e344786d8b75192f71c8
2717dcc1ddd778f68223461ebd53610370e7617b6c74366bfc16a1e6e979cc58
362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
4583267bc4084d808f5832f3397b30913b0fbb5b637801363326fb2a277f2416
4f7ab515c1fbcaa1efa0a285fb5319959ea07a7cf40c759d21e91fc9b0d9afaf
51b3e5f750e4092cad84d14bd6d4cadffe41ef57e2899b60a31b0a2865661149
5e0d14229ae0f4d80a6e75cf1344fd3d32cccfa42e39ee154993eea24064eb63
71867ca10f1cd0c8ff620addb9fc27494f1681f0359a9e3fc8a0e26b7f93a102
73aed336c49f6e55dd79ffeff2174853c30d986f05fba372da1312b3f7b5472e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8262747ffc10e552657cfbffd9af09352f569de022c3ac45e3ced1139591b025
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec
92ebc5eb51c7f516c514dcb4ddebdd12e0ef0c3497ceae8534275fc5ae6a579a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9c6de398b00be04297ce1aebdf24eed587464488127326a6611438bc65dc26e3
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086
c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
ded3b1bbf666bc7d0bd1f8653d705aceafd3bea9d72bb92d60746a8fe73af688
e6c7ea463cb9fc35b65708d4cf96738d90871e5396a50f4536d1848c0d1544ff
ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6

www.greenfinancialgrp.com Open in urlscan Pro 35.166.50.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

87 %IPv6

12 Domains

16 Subdomains

15 IPs

2 Countries

2806 kBTransfer

8664 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.greenfinancialgrp.com Open in urlscan Pro
35.166.50.210 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

87 %
IPv6

12
Domains

16
Subdomains

15
IPs

2
Countries

2806 kB
Transfer

8664 kB
Size

0
Cookies

51 HTTP transactions
1 data transactions