redhandadvisors.com Open in urlscan Pro
192.254.188.242 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.redhandadvisors.com/rmisreport
Effective URL:
https://redhandadvisors.com/rmis-report/
Submission: On January 10 via api (January 10th 2023, 7:11:11 pm UTC) from US — Scanned from DE

Summary HTTP 82 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 20 domains to perform 82 HTTP transactions. The main IP is 192.254.188.242, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is redhandadvisors.com.
TLS certificate: Issued by R3 on December 2nd 2022. Valid for: 3 months.

This is the only time redhandadvisors.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	192.254.188.242 192.254.188.242	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:b749	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:5605	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:7fab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:70b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2a00:1450:400... 2a00:1450:400d:806::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:4e00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::2003	15169 (GOOGLE) (GOOGLE)
82	22

26 192.254.188.242 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-254-188-242.unifiedlayer.com

www.redhandadvisors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
redhandadvisors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:b749 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5605 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7fab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:70b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:806::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:4e00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	redhandadvisors.com 1 redirects www.redhandadvisors.com redhandadvisors.com	1 MB
20	gstatic.com fonts.gstatic.com www.gstatic.com	858 KB
9	google.com www.google.com — Cisco Umbrella Rank: 16	108 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 840 www.linkedin.com — Cisco Umbrella Rank: 712 px4.ads.linkedin.com — Cisco Umbrella Rank: 7528	3 KB
4	hubspot.com forms.hubspot.com — Cisco Umbrella Rank: 5605 track.hubspot.com — Cisco Umbrella Rank: 4433	3 KB
4	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 7182 forms-na1.hsforms.com — Cisco Umbrella Rank: 13289	6 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	152 KB
2	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 5951	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	20 KB
2	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 12274	316 KB
1	google.de www.google.de — Cisco Umbrella Rank: 3658	548 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1787	377 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 64	1 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1579	5 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 4178	20 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 5931	3 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 4131	63 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 7830	25 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 4442	905 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	2 KB
82	20

	Domain	Requested by
25	redhandadvisors.com	redhandadvisors.com
11	www.gstatic.com	www.google.com www.gstatic.com
9	www.google.com	js.hsforms.net redhandadvisors.com www.gstatic.com www.google.com
9	fonts.gstatic.com	fonts.googleapis.com www.google.com
3	track.hubspot.com
3	forms.hsforms.com	js.hsforms.net redhandadvisors.com
3	www.googletagmanager.com	redhandadvisors.com js.hsadspixel.net www.googletagmanager.com
2	px.ads.linkedin.com	2 redirects
2	api.hubapi.com	js.hsadspixel.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	js.hsforms.net	redhandadvisors.com js.hsforms.net
1	www.google.de	redhandadvisors.com
1	px4.ads.linkedin.com	redhandadvisors.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	forms-na1.hsforms.com	redhandadvisors.com
1	snap.licdn.com	js.hsadspixel.net
1	forms.hubspot.com	js.hscollectedforms.net
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-scripts.com	redhandadvisors.com
1	fonts.googleapis.com	redhandadvisors.com
1	www.redhandadvisors.com	1 redirects
82	26

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
www.linkedin.com
www.twitter.com
meetings.hubspot.com
www.gallagherbassett.com
www.origamirisk.com
riskonnect.com
www.klear.ai
www.ventivtech.com
www.travelers.com
www.corvel.com
www.pcisvision.com
calendly.com

Subject Issuer	Validity	Valid
*.redhandadvisors.com R3	`2022-12-02` - `2023-03-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://redhandadvisors.com/rmis-report/
Frame ID: 64451D234CBC43928B94BA05F5914125
Requests: 59 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/v2.js
Frame ID: 383ED3D971017D0CCD144A8D4ECD541D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9yZWRoYW5kYWR2aXNvcnMuY29tOjQ0Mw..&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&badge=inline&cb=r2wskxo48pxm
Frame ID: E0EDE71D9472FE63E2BD56EC24C88A9A
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9yZWRoYW5kYWR2aXNvcnMuY29tOjQ0Mw..&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&badge=inline&cb=r2wskxo48pxm
Frame ID: F93A16867289A0F00E8C734E867946E8
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: B59C6163DEB321E978C133A1A209ECED
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RMIS Report | Redhand Advisorsrh_Artboard 1_logorh_Artboard 1_logorh_Artboard 1_logoRH_gallagher_logoOR_Artboard 17_logoOR_Artboard 16_logoOR_Artboard 18_logorh_Artboard 1_footer-logo

Page URL History Show full URLs

https://www.redhandadvisors.com/rmisreport HTTP 301
https://redhandadvisors.com/rmis-report/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/revslider/[/\w-]+/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

82
Requests

99 %
HTTPS

91 %
IPv6

20
Domains

26
Subdomains

22
IPs

3
Countries

3058 kB
Transfer

6486 kB
Size

20
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/redhandadvisors/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/RedhandAdvisors/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/10129337

Search URL Search Domain Scan URL

URL: https://www.twitter.com/redhandadvisors

Search URL Search Domain Scan URL

URL: https://meetings.hubspot.com/redhand-pat/30-minute-intro
Title: Schedule a Meeting

Search URL Search Domain Scan URL

URL: https://www.gallagherbassett.com/
Title: RH_gallagher_logo

Search URL Search Domain Scan URL

URL: https://www.origamirisk.com/
Title: OR_Artboard 17_logo

Search URL Search Domain Scan URL

URL: https://riskonnect.com/
Title: OR_Artboard 16_logo

Search URL Search Domain Scan URL

URL: https://www.klear.ai/
Title: .klr-1{fill:#0c1d5a;}.klr-2{fill:url(#lg-klr);}.klr-3{fill:url(#lg-klr-2);}

Search URL Search Domain Scan URL

URL: https://www.ventivtech.com/
Title: .vntv-1{fill:#78787b;}.vntv-2{fill:#fcd91c;}.vntv-3{fill:#fbb326;}

Search URL Search Domain Scan URL

URL: https://www.travelers.com/
Title: OR_Artboard 18_logo

Search URL Search Domain Scan URL

URL: https://www.corvel.com/
Title: .crvl-1{fill:#56636c;}.crvl-2{fill:#4e8abe;}.crvl-3{fill:#4db3d0;}

Search URL Search Domain Scan URL

URL: https://www.pcisvision.com/
Title: .pcis-1{fill:#2765a1;}.pcis-2{fill:#e88e41;}.pcis-3{fill:#8bc051;}.pcis-4{fill:#e99043;}.pcis-5{fill:#e99144;}.pcis-6{fill:#cd8b52;}.pcis-7{fill:#cd8b51;}.pcis-8{fill:#b4855f;}.pcis-9{fill:#a88366;}.pcis-10{fill:#99816e;}.pcis-11{fill:#847c79;}.pcis-12{fill:#827b78;}.pcis-13{fill:#62738a;}.pcis-14{fill:#476e97;}.pcis-15{fill:#3c6b9c;}.pcis-16{fill:#3068a1;}.pcis-17{fill:#396a9f;}.pcis-18{fill:#3169a2;}.pcis-19{fill:#e06b27;}.pcis-20{fill:#62a14e;}.pcis-21{fill:#8faf34;}.pcis-22{fill:#d44034;}

Search URL Search Domain Scan URL

URL: https://calendly.com/redhand/15-minute-meeting
Title: Schedule a Meeting

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.redhandadvisors.com/rmisreport HTTP 301
https://redhandadvisors.com/rmis-report/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3373196&time=1673377864976&url=https%3A%2F%2Fredhandadvisors.com%2Frmis-report%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3373196%26time%3D1673377864976%26url%3Dhttps%253A%252F%252Fredhandadvisors.com%252Frmis-report%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3373196&time=1673377864976&url=https%3A%2F%2Fredhandadvisors.com%2Frmis-report%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3373196&time=1673377864976&url=https%3A%2F%2Fredhandadvisors.com%2Frmis-report%2F&liSync=true&e_ipv6=AQKbAaSouXYUJwAAAYWdF98ihqdGcVKkcVCvS0lm2wGyA-M2XC9ux5i8iGBV8sqmMs6Q_QI

82 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
redhandadvisors.com/rmis-report/
Redirect Chain

https://www.redhandadvisors.com/rmisreport
https://redhandadvisors.com/rmis-report/

296 KB
72 KB

690ms
689ms

Document
text/html

192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://redhandadvisors.com/rmis-report/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-188-242.unifiedlayer.com
Software: Apache /
Resource Hash: 86b68f6185b4c4f70cffb5f1bdf580833a5dea883da040bbece3354b43b96c2b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 10 Jan 2023 19:11:03 GMT
link: <https://redhandadvisors.com/wp-json/>; rel="https://api.w.org/", <https://redhandadvisors.com/wp-json/wp/v2/pages/145>; rel="alternate"; type="application/json", <https://redhandadvisors.com/?p=145>; rel=shortlink
server: Apache
vary: Accept-Encoding

Redirect headers

cache-control: max-age=3600
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 10 Jan 2023 19:11:02 GMT
expires: Tue, 10 Jan 2023 20:11:03 GMT
location: https://redhandadvisors.com/rmis-report/
server: Apache
x-redirect-by: redirection

GET
H2 200 style.min.css
redhandadvisors.com/site/wp-includes/css/dist/block-library/ 93 KB
17 KB 479ms
476ms Stylesheet
text/css 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://redhandadvisors.com/site/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/rmis-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Tue, 15 Nov 2022 19:56:15 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes

GET
H2 200 classic-themes.min.css
redhandadvisors.com/site/wp-includes/css/ 217 B
316 B 324ms
321ms Stylesheet
text/css 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://redhandadvisors.com/site/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/rmis-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Wed, 02 Nov 2022 07:06:25 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 189

GET
H2 200 ethos.css
redhandadvisors.com/site/wp-content/themes/pro/framework/dist/css/site/stacks/ 179 KB
46 KB 480ms
478ms Stylesheet
text/css 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://redhandadvisors.com/site/wp-content/themes/pro/framework/dist/css/site/stacks/ethos.css?ver=4.3.3

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

17debabfa95fc0e13577ca5f0dbb30572c4b12c47744f5c33f75cb59fcd9a9f0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/rmis-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Wed, 09 Jun 2021 18:13:12 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes

GET
H2 200 style.css
redhandadvisors.com/site/wp-content/themes/pro-child/ 224 B
226 B 326ms
324ms Stylesheet
text/css 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://redhandadvisors.com/site/wp-content/themes/pro-child/style.css?ver=4.3.3

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

d0592166a27d65248319364e73f373c14e69a5329e3437aebac6fb2a7d7ae088

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/rmis-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Thu, 21 Jan 2021 01:41:20 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 171

GET
H2 200 style.css
redhandadvisors.com/site/wp-content/plugins/newsletter/ 6 KB
2 KB 326ms
324ms Stylesheet
text/css 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://redhandadvisors.com/site/wp-content/plugins/newsletter/style.css?ver=7.4.2

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

ff7cbd7d791c0f01f1b7db211981bb0506701f663e9e41422586b9e625753ba3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/rmis-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Wed, 30 Mar 2022 21:22:24 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1845

GET
H2 200 jquery.min.js Show response
redhandadvisors.com/site/wp-includes/js/jquery/ 88 KB
39 KB 479ms
477ms Script
application/javascript 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://redhandadvisors.com/site/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/rmis-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Wed, 02 Nov 2022 07:06:24 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 jquery-migrate.min.js Show response
redhandadvisors.com/site/wp-includes/js/jquery/ 11 KB
5 KB 329ms
327ms Script
application/javascript 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://redhandadvisors.com/site/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/rmis-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Thu, 19 Nov 2020 09:31:13 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4618

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 116 KB
46 KB 63ms
26ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T6KSZD4

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

882f26b6e65febcb9fb7ca540809d125ad247dc4d09819b6b87aa6327d3f0cbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46354
x-xss-protection: 0
last-modified: Tue, 10 Jan 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Jan 2023 19:11:04 GMT

GET
H2 200 wp-emoji-release.min.js Show response
redhandadvisors.com/site/wp-includes/js/ 18 KB
5 KB 470ms
470ms Script
application/javascript 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://redhandadvisors.com/site/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/rmis-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Wed, 25 May 2022 07:04:15 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5321

GET
H2 200 css
fonts.googleapis.com/ 24 KB
2 KB 59ms
23ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i,100,100i,500,500i,900,900i&subset=latin,latin-ext&display=auto

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ce91e27c75f26017876adeda75acc652f5d48f9875d6db451b2ab3547c3ba64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 10 Jan 2023 19:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 10 Jan 2023 19:11:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Jan 2023 19:11:04 GMT

GET
H2 200 rs6.css
redhandadvisors.com/site/wp-content/plugins/revslider/public/assets/css/ 58 KB
16 KB 321ms
319ms Stylesheet
text/css 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://redhandadvisors.com/site/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.19

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

9435c8c132bbfd387d4b14f9e07d60c0ba7fb5a1eca2b49882f62b2ef113eee8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/rmis-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Wed, 30 Mar 2022 21:22:37 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 16676

GET
H2 200 cs.2155f74.js Show response
redhandadvisors.com/site/wp-content/themes/pro/cornerstone/assets/dist/js/site/ 241 KB
99 KB 322ms
320ms Script
application/javascript 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://redhandadvisors.com/site/wp-content/themes/pro/cornerstone/assets/dist/js/site/cs.2155f74.js

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

ceb1d7c0530eaa3dfec7d0f3aae84c2612c57a9e1b7ed9946a5c3bb5b3f2dd19

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/rmis-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Wed, 09 Jun 2021 18:13:12 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 regenerator-runtime.min.js Show response
redhandadvisors.com/site/wp-includes/js/dist/vendor/ 6 KB
3 KB 221ms
219ms Script
application/javascript 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://redhandadvisors.com/site/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/rmis-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Wed, 25 May 2022 07:04:15 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2675

GET
H2 200 wp-polyfill.min.js Show response
redhandadvisors.com/site/wp-includes/js/dist/vendor/ 17 KB
8 KB 319ms
318ms Script
application/javascript 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://redhandadvisors.com/site/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/rmis-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Wed, 02 Nov 2022 07:06:24 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 7621

GET
H2 200 index.js Show response
redhandadvisors.com/site/wp-content/plugins/contact-form-7/includes/js/ 9 KB
4 KB 330ms
329ms Script
application/javascript 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://redhandadvisors.com/site/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/rmis-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Wed, 30 Mar 2022 21:22:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3984

GET
H2 200 20166480.js Show response
js.hs-scripts.com/ 2 KB
905 B 41ms
21ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/20166480.js?integration=WordPress
Requested by: Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fe63fa62bc1e9e2096883e63ea4726488a3875cf420f6f555603ccf36511f1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:04 GMT
content-encoding: br
cf-cache-status: HIT
x-hubspot-correlation-id: ad10a12d-5fcb-4214-b658-911fd5b32d24
age: 31
cf-polished: origSize=2012
cf-bgj: minify
last-modified: Tue, 10 Jan 2023 19:10:33 GMT
server: cloudflare
x-trace: 2B3C6E9C76B17F294E7620E812078FE60D2845B3B9000000000000000000
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://redhandadvisors.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7877b7641caf5bf9-FRA
expires: Tue, 10 Jan 2023 19:12:04 GMT

GET
H2 200 rbtools.min.js Show response
redhandadvisors.com/site/wp-content/plugins/revslider/public/assets/js/ 126 KB
58 KB 471ms
470ms Script
application/javascript 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://redhandadvisors.com/site/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

5c9203860ae657336596c738730f9d362e00bb9948a0f581fb074270c328e26b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/rmis-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Wed, 30 Mar 2022 21:22:37 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 rs6.min.js Show response
redhandadvisors.com/site/wp-content/plugins/revslider/public/assets/js/ 378 KB
131 KB 322ms
322ms Script
application/javascript 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://redhandadvisors.com/site/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.19

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

3b0b8378134e79a3a7058080f4d617969ac9b159d448be7b15e595719e5c9518

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/rmis-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Wed, 30 Mar 2022 21:22:37 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 x.js Show response
redhandadvisors.com/site/wp-content/themes/pro/framework/dist/js/site/ 89 KB
34 KB 324ms
323ms Script
application/javascript 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://redhandadvisors.com/site/wp-content/themes/pro/framework/dist/js/site/x.js?ver=4.3.3

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

b15e4cfad3dc2c17e903180bb2c243ea098279f4f25287e48b0bf7c3ee72097a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/rmis-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Wed, 09 Jun 2021 18:13:12 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 comment-reply.min.js Show response
redhandadvisors.com/site/wp-includes/js/ 3 KB
2 KB 318ms
317ms Script
application/javascript 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://redhandadvisors.com/site/wp-includes/js/comment-reply.min.js?ver=6.1.1

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/rmis-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Wed, 25 May 2022 07:04:16 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1477

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 507 KB
159 KB 65ms
27ms Script
application/javascript 2606:4700::6811:b749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b749 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad15c40ccf3ccb707131537f73a780630e5121e801d7018149b7e6acfbc9e33e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:04 GMT
x-amz-version-id: 04rrVpOOqjW5A_5g_yrOKdVQxIL._UZR
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
age: 45
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2556/bundles/project-v2.js&cfRay=7877b64c38fd903a-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 10 Jan 2023 11:36:22 UTC
server: cloudflare
etag: W/"1efdfa7c7074b6c73dde3c620d8fc7ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HbMBl3gr6B7OGYP12Vkgq0LQwaXr0ercvmH3dyCcFwqxqTEvvJeCP4%2FiVqvMvr8rwwxUFB6tU%2BJauiIVcINDx5vtnMJNiiO6QCEwR4VEXRNKIFyU1kP%2FoXCjhzeXaJj%2BOVBM0app2BfWOXo6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 7877b762fc80907c-FRA
x-amz-cf-id: u4Cn0Nf5SXXKxwzBFa1A0eKy0nyMk83X5Ispf0Moh7cvbDOSviFBUA==
x-hs-target-asset: forms-embed/static-1.2556/bundles/project-v2.js

GET
H2 200 fa-solid-900.woff2
redhandadvisors.com/site/wp-content/themes/pro/cornerstone/assets/dist/fonts/ 138 KB
139 KB 169ms
168ms Font
font/woff2 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://redhandadvisors.com/site/wp-content/themes/pro/cornerstone/assets/dist/fonts/fa-solid-900.woff2

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://redhandadvisors.com/rmis-report/
Origin: https://redhandadvisors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Wed, 09 Jun 2021 18:13:12 GMT
server: Apache
accept-ranges: bytes
content-length: 140996
content-type: font/woff2

GET
H2 200 fa-brands-400.woff2
redhandadvisors.com/site/wp-content/themes/pro/cornerstone/assets/dist/fonts/ 77 KB
77 KB 169ms
168ms Font
font/woff2 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://redhandadvisors.com/site/wp-content/themes/pro/cornerstone/assets/dist/fonts/fa-brands-400.woff2

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

59beb1f8f4ea7e16c50ae0652005e6f7a39f58f9deb0e155d8c8981ea99544b0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://redhandadvisors.com/rmis-report/
Origin: https://redhandadvisors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Wed, 09 Jun 2021 18:13:12 GMT
server: Apache
accept-ranges: bytes
content-length: 78464
content-type: font/woff2

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 108ms
30ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i,100,100i,500,500i,900,900i&subset=latin,latin-ext&display=auto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://redhandadvisors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 19:34:12 GMT
x-content-type-options: nosniff
age: 517012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 19:34:12 GMT

GET
H2 200 fa-light-300.woff2
redhandadvisors.com/site/wp-content/themes/pro/cornerstone/assets/dist/fonts/ 185 KB
187 KB 168ms
168ms Font
font/woff2 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://redhandadvisors.com/site/wp-content/themes/pro/cornerstone/assets/dist/fonts/fa-light-300.woff2

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

a96c21672b34a2f47197f6d5ae5ae4b6012d6fac6cfca1c851f66901c9c8abf4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://redhandadvisors.com/rmis-report/
Origin: https://redhandadvisors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Wed, 09 Jun 2021 18:13:12 GMT
server: Apache
accept-ranges: bytes
content-length: 189648
content-type: font/woff2

GET
H2 200 fa-regular-400.woff2
redhandadvisors.com/site/wp-content/themes/pro/cornerstone/assets/dist/fonts/ 170 KB
171 KB 168ms
167ms Font
font/woff2 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://redhandadvisors.com/site/wp-content/themes/pro/cornerstone/assets/dist/fonts/fa-regular-400.woff2

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

4e4cc2d5669ad1bb831c050c273dbf760a070eb5f413458cf5cd7625c594a583

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://redhandadvisors.com/rmis-report/
Origin: https://redhandadvisors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Wed, 09 Jun 2021 18:13:12 GMT
server: Apache
accept-ranges: bytes
content-length: 173596
content-type: font/woff2

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 110ms
35ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i,100,100i,500,500i,900,900i&subset=latin,latin-ext&display=auto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://redhandadvisors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 19:33:00 GMT
x-content-type-options: nosniff
age: 517084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 19:33:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 122ms
67ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i,100,100i,500,500i,900,900i&subset=latin,latin-ext&display=auto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://redhandadvisors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 09:42:13 GMT
x-content-type-options: nosniff
age: 466131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 09:42:13 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 112ms
57ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i,100,100i,500,500i,900,900i&subset=latin,latin-ext&display=auto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://redhandadvisors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 19:33:08 GMT
x-content-type-options: nosniff
age: 517076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 19:33:08 GMT

GET
H2 200 rh_RMIS_report_2022.png
redhandadvisors.com/site/wp-content/uploads/2022/04/ 341 KB
342 KB 461ms
460ms Image
image/png 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://redhandadvisors.com/site/wp-content/uploads/2022/04/rh_RMIS_report_2022.png

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

a18c3506f7c682e28341e59140ff7013ff395679927218f942914563346e6ac3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/rmis-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Sun, 10 Apr 2022 22:29:36 GMT
server: Apache
accept-ranges: bytes
content-length: 349520
content-type: image/png

GET
H2 200 LineSlip_Logo.png
redhandadvisors.com/site/wp-content/uploads/2022/04/ 16 KB
16 KB 266ms
265ms Image
image/png 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://redhandadvisors.com/site/wp-content/uploads/2022/04/LineSlip_Logo.png

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

ac93813577a57ac535c749aaa9642bd72c7b20bd8045c29a5e15f1410a9c6fb1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/rmis-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
date: Tue, 10 Jan 2023 19:11:04 GMT
last-modified: Sun, 10 Apr 2022 22:48:18 GMT
server: Apache
accept-ranges: bytes
content-length: 15974
content-type: image/png

GET
H2 200 Five-Sigma.png
redhandadvisors.com/site/wp-content/uploads/2022/04/ 1 KB
1 KB 176ms
174ms Image
image/png 192.254.188.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://redhandadvisors.com/site/wp-content/uploads/2022/04/Five-Sigma.png

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.254.188.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-254-188-242.unifiedlayer.com

Software

Apache /

Resource Hash

6be572e3ac412d120d63c7d9f6d69ff763ea311939dd89dece1b49e07f284564

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/rmis-report/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
date: Tue, 10 Jan 2023 19:11:05 GMT
last-modified: Sun, 10 Apr 2022 22:48:18 GMT
server: Apache
accept-ranges: bytes
content-length: 1326
content-type: image/png

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 50ms
14ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6KSZD4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 10 Jan 2023 18:07:26 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3818
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 10 Jan 2023 20:07:26 GMT

GET
H2 200 json Show response
forms.hsforms.com/embed/v3/form/20166480/86f0c8b4-7ad7-4506-8eba-5b481fd8c3d2/ 23 KB
5 KB 225ms
193ms XHR
application/json 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/20166480/86f0c8b4-7ad7-4506-8eba-5b481fd8c3d2/json?hs_static_app=forms-embed&hs_static_app_version=1.2556&X-HubSpot-Static-App-Info=forms-embed-1.2556

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50b6a63c5f700b206ed44b8bf4464d4dd14399b99f1cd1f24232c26b8a917054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://redhandadvisors.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-origin-hublet: na1
date: Tue, 10 Jan 2023 19:11:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: fc657fd0-42cf-4112-ac58-f5f13a9e6068
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BFD2E4A2B3307321F43198C0B143F65CD017895ED000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://redhandadvisors.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7877b765a9e78fc5-FRA

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 68 KB
25 KB 176ms
152ms Script
application/javascript 2606:4700::6811:7fab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20166480.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7fab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3999cf864b43937c278afeae5b60b6db69bb234d5641202c9e7a2385029aa3b7

Request headers

Referer: https://redhandadvisors.com/
Origin: https://redhandadvisors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:04 GMT
x-amz-version-id: SN4HXBautbT5xHa4DdPckLpyluwLE8QR
via: 1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
cf-cache-status: MISS
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.312/bundles/project.js&cfRay=7877b76598e22bd7-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Dec 2022 02:49:13 UTC
server: cloudflare
etag: W/"349cabd549e2249f8fb6ac3ac6f08e00"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 7877b76598e22bd7-FRA
x-amz-cf-id: vDDufHPOWC_dlMGRv2Vllpc0xjMQrGMTUn1KrGUrEr_hkkt4sJOkEw==
x-hs-target-asset: collected-forms-embed-js/static-1.312/bundles/project.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/20166480/ 202 KB
63 KB 62ms
35ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/20166480/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20166480.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb5a1062dc1d2b96722584846be08bc187fd70fefaa7c13a662b160bee389b89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:04 GMT
x-amz-version-id: LoOpLVYjX2F8vgzg2T2cjFiEJ7oq1fZx
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: MA256DSZKDTFQX7N
age: 30
x-amz-server-side-encryption: AES256
x-amz-id-2: hxBjiPFcgCdSw28elu0iKEE4/brciPczCcsHF63j7Dox+0+9/t1J7ZJkHwEk9/Mj6/xzBKjmImM=
last-modified: Thu, 08 Dec 2022 23:45:25 GMT
server: cloudflare
etag: W/"d67285c6b2e28a5493e930ea143cb0ec"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://redhandadvisors.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7877b765ae669ba6-FRA
expires: Tue, 10 Jan 2023 19:15:33 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 45ms
22ms Script
application/javascript 2606:4700::6811:70b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20166480.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:70b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f04fcb0932b99d355532ecdad3ff051e3c503b176dc1176dddc017e7f1523516

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:04 GMT
x-amz-version-id: Pzk5Y6yW4FTLubLBTP3MgGAHjRxytAJ0
via: 1.1 f01dafb3bec9893b47152910d47900a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 523
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.304/bundles/pixels-release.js&cfRay=7877aa9e0d199159-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 03 Jan 2023 01:54:30 UTC
server: cloudflare
etag: W/"83a5a8783c71c1074cc34ecd8c8615de"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 7877b7659b3e90bb-FRA
x-amz-cf-id: CIx2UvVMC6WdFQsNk4ISYlyMQOAfPJINvrtqvHodQSiMEcSjOqAlOA==
x-hs-target-asset: adsscriptloaderstatic/static-1.304/bundles/pixels-release.js

GET
H2 200 20166480.js Show response
js.hs-analytics.net/analytics/1673377800000/ 65 KB
20 KB 50ms
27ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1673377800000/20166480.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20166480.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e71539ec35d9ab5bc65ec77cb9c0dbf7967bdc9eb817967e5f5887c607defa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:04 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: MA29BP054QDAM8SW
age: 31
x-amz-server-side-encryption: AES256
x-amz-id-2: Gu+UWE2pK/Pf9Y+Vk+rWepvWJPGKn5DAHX+PduCXdUSZAaHyODiN2DNwdaRX4SN3VGt2OZZyfvU=
last-modified: Sat, 07 Jan 2023 02:42:42 GMT
server: cloudflare
etag: W/"c127d33b068ae38d52cf94bf45eabd0c"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 7877b76598479a23-FRA
expires: Tue, 10 Jan 2023 19:15:33 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 22ms
19ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1658109956&t=pageview&_s=1&dl=https%3A%2F%2Fredhandadvisors.com%2Frmis-report%2F&ul=en-us&de=UTF-8&dt=RMIS%20Report%20%7C%20Redhand%20Advisors&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=903884830&gjid=1310076466&cid=1007868890.1673377865&tid=UA-73378966-2&_gid=1554370905.1673377865&_r=1&gtm=2wg190T6KSZD4&z=1537361933

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://redhandadvisors.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 19:11:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://redhandadvisors.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 132 B
871 B 164ms
144ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=20166480

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5126853cf77c4030e8950e7b7a1d24010eaab2009771f761687dff49f32576e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: cca89945-8c74-475a-9ce3-ea083ea24861
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BFB44203704A209B779B330C4C4D2E5AADE67088E000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://redhandadvisors.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQR%2FngbYkN%2FuqQzb%2FFWSf3ony5L6tlAeBCPGM%2BttugC3lyCiT6TkwuozHbZgY2lhULQ1ibDUNpMdJkD13MpHi3iTsRQ7cYpMOk700UrGGcQ0OC063djQKe%2BKw1dVzY0Mabh9mpgGb8GZEaBH"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cf-ray: 7877b7662eb6995d-FRA
access-control-allow-headers: *

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 116 B
1022 B 196ms
178ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=20166480&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1213c52cc203bcb625c80321437a13da89fd32844a1a3a2d26562a5f8bcba759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://redhandadvisors.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 578e7d71-928e-40ab-a673-24ff76331fff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://redhandadvisors.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RryOgNUFiBUjwr7t10Bdh0wE6zrdA5%2Bl6z4AD7%2FGSr5bPgt1bhL55vi%2Bze6P3Bp1uARu7iioRdVl5Ntd1e14pSZd7Amb6wL8UpA2NhXC4gscequr2vfQFq5h%2FYzeV4D5hxWm7Dx0o%2BCJJRDxXRp0"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7877b766ff7f9060-FRA

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ Frame 383E 507 KB
158 KB 31ms
30ms Script
application/javascript 2606:4700::6811:b749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b749 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad15c40ccf3ccb707131537f73a780630e5121e801d7018149b7e6acfbc9e33e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:04 GMT
x-amz-version-id: 04rrVpOOqjW5A_5g_yrOKdVQxIL._UZR
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
age: 45
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2556/bundles/project-v2.js&cfRay=7877b64c38fd903a-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 10 Jan 2023 11:36:22 UTC
server: cloudflare
etag: W/"1efdfa7c7074b6c73dde3c620d8fc7ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSSHHxQwrPbpVnzR0ut9X15AbU%2FcpWEhGuh0VZJptIx0k5lee02ibT0njQyGwQrbnmzY%2B53RfOuGVgDzJbymZ7M%2FQvqRLd13l14TMdJAlfEzq5NlVuJGVGWp2wNp5QI0rGKEuLpi1CWF0lWC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 7877b766ec19907c-FRA
x-amz-cf-id: u4Cn0Nf5SXXKxwzBFa1A0eKy0nyMk83X5Ispf0Moh7cvbDOSviFBUA==
x-hs-target-asset: forms-embed/static-1.2556/bundles/project-v2.js

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 138 KB
53 KB 59ms
30ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-430142946

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e28d8b4c930df7c97ad1b2c9d20cc98d9073e88e43478902ed1c7a9645855828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54230
x-xss-protection: 0
last-modified: Tue, 10 Jan 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Jan 2023 19:11:04 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 138 KB
53 KB 54ms
27ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-430142946&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6KSZD4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a647ce5cde20a6bdc2ad1fcf9a985129d7eaed52ba09ebe261e97d62cd1e2c28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54239
x-xss-protection: 0
last-modified: Tue, 10 Jan 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Jan 2023 19:11:04 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 64ms
15ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:04 GMT
content-encoding: gzip
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=79947
accept-ranges: bytes
content-length: 4777

GET
H3 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/adwords/enhanced-conversion-event-settings/ 2 B
720 B 154ms
142ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/adwords/enhanced-conversion-event-settings/json?portalId=20166480

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9f15b50c-4a98-4473-9abd-dbcceec894be
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2
server: cloudflare
x-trace: 2BB7BD8889F2C4DD4FBE6F3E3277503C32E783D166000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://redhandadvisors.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9ZOqo7h%2B6NCQ1flqv%2BoKZEfdMojoA7IkJXZPwbcakPJbJrL2sPE6Oy%2F8Xtkm57Z2BYJj3mbB2eT%2FO%2B20g7w9dOGr3QuYgtTKlU2cDF4089s%2B4vQL8bPEgEwf8c48Nl9TGxHSEwhHdw9SVq6"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cf-ray: 7877b7672b472c19-FRA
access-control-allow-headers: *

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
393 B 169ms
157ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 8532ce4b-0cde-4fcb-a4a6-91a8f9539988
x-trace: 2B3BA6F62DF0BEE76C9BBD56C21424ED0C0BCF42D0000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7877b7677813bbc2-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 195ms
48ms Script
text/javascript 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_49019928_2ad2_412b_bbfc_a64b880fc81b&render=explicit&hl=en

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c0a1e336fc7db11d9620d172bf064980626160994eee0f512a95b44508fa00e7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 638
x-xss-protection: 1; mode=block
expires: Tue, 10 Jan 2023 19:11:05 GMT

GET
H2 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
437 B 311ms
201ms Image
image/gif 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 3e31282c-4bcd-4f1e-af65-fef81041fbe3
x-trace: 2BF6DF0F150C6CC33135C500CD014670A726737927000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7877b7689a4291ef-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/430142946/ 2 KB
1 KB 150ms
60ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/430142946/?random=1673377864961&cv=11&fst=1673377864961&bg=ffffff&guid=ON&async=1&gtm=2oa190&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fredhandadvisors.com%2Frmis-report%2F&tiba=RMIS%20Report%20%7C%20Redhand%20Advisors&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=183231878.1673377865&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-430142946&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68b531656713cac2e434112f9be32f47c4c55ed01ba4d0473f715b860a42cb7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 19:11:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 889
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3373196/domain/redhandadvisors.com/ 36 B
377 B 93ms
7ms XHR
application/json 2600:9000:206f:4e00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3373196/domain/redhandadvisors.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4e00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://redhandadvisors.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:53:54 GMT
content-encoding: gzip
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 1031
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: hct2HA2lpg_6S5wCP_xrxD0lQAiWJUVAJ5BDPB_UvSBT8HwJTjy2Vw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3373196&time=1673377864976&url=https%3A%2F%2Fredhandadvisors.com%2Frmis-report%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3373196%26time%3D1673377864976%26url%3Dhttps%253A%252F%252Fredhandadvisors.com%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3373196&time=1673377864976&url=https%3A%2F%2Fredhandadvisors.com%2Frmis-report%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3373196&time=1673377864976&url=https%3A%2F%2Fredhandadvisors.com%2Frmis-report%2F&liSync=true&e_ipv6=AQKbAaSouXYUJwAAAYWdF98ihqdGcVKkcVCvS0lm2wGy...

0
264 B

132ms
109ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3373196&time=1673377864976&url=https%3A%2F%2Fredhandadvisors.com%2Frmis-report%2F&liSync=true&e_ipv6=AQKbAaSouXYUJwAAAYWdF98ihqdGcVKkcVCvS0lm2wGyA-M2XC9ux5i8iGBV8sqmMs6Q_QI
Requested by: Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:05 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: BE0F7BABFB9E4D3DAC65BD852010B922 Ref B: FRAEDGE2017 Ref C: 2023-01-10T19:11:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXx7aVBn0I54HOlgjA7mQ==

Redirect headers

date: Tue, 10 Jan 2023 19:11:05 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 9CCBCE7A4C654F68BB9A854ABA7B5641 Ref B: FRAEDGE1218 Ref C: 2023-01-10T19:11:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3373196&time=1673377864976&url=https%3A%2F%2Fredhandadvisors.com%2Frmis-report%2F&liSync=true&e_ipv6=AQKbAaSouXYUJwAAAYWdF98ihqdGcVKkcVCvS0lm2wGyA-M2XC9ux5i8iGBV8sqmMs6Q_QI
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXx7aU+8m5j0FS1oQjKvA==

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
358 B 156ms
155ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=8

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 709747d3-f5dd-4b3f-ab7f-e70b497f48c3
x-trace: 2BF8761EE3456998BD0C26AAD088292CBC920B2ABF000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7877b76829a8bbc2-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 403 KB
162 KB 53ms
18ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_49019928_2ad2_412b_bbfc_a64b880fc81b&render=explicit&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a066a4744676ecfbac78b5a339f818c314c8d75c884ad2723c366af5bfe21a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redhandadvisors.com/
Origin: https://redhandadvisors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 11:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164706
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jan 2024 11:16:50 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/430142946/ 42 B
64 B 110ms
54ms Image
image/gif 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/430142946/?random=1673377864961&cv=11&fst=1673377200000&bg=ffffff&guid=ON&async=1&gtm=2oa190&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fredhandadvisors.com%2Frmis-report%2F&tiba=RMIS%20Report%20%7C%20Redhand%20Advisors&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3588353034&rmt_tld=0&ipr=y

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 19:11:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/430142946/ 42 B
548 B 128ms
53ms Image
image/gif 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/430142946/?random=1673377864961&cv=11&fst=1673377200000&bg=ffffff&guid=ON&async=1&gtm=2oa190&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fredhandadvisors.com%2Frmis-report%2F&tiba=RMIS%20Report%20%7C%20Redhand%20Advisors&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3588353034&rmt_tld=1&ipr=y

Requested by

Host: redhandadvisors.com
URL: https://redhandadvisors.com/rmis-report/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 19:11:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame E0ED 42 KB
22 KB 64ms
63ms Document
text/html 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9yZWRoYW5kYWR2aXNvcnMuY29tOjQ0Mw..&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&badge=inline&cb=r2wskxo48pxm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e53bde957ffc1b0ff21f492398aea2f09547c124fdd3442e15636ba16b4449a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ejQWg_0dLXwq3h96RiDmdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://redhandadvisors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22622
content-security-policy: script-src 'report-sample' 'nonce-ejQWg_0dLXwq3h96RiDmdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 19:11:05 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame F93A 43 KB
22 KB 63ms
62ms Document
text/html 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e319bc5f0e668e7ff8836fb3a9b80c0ed8a7dccf55c6417248f9e661192e42cf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D-0unffjX_ny1rxBrg6bsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22947
content-security-policy: script-src 'report-sample' 'nonce-D-0unffjX_ny1rxBrg6bsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 19:11:05 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame F93A 52 KB
24 KB 51ms
20ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9yZWRoYW5kYWR2aXNvcnMuY29tOjQ0Mw..&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&badge=inline&cb=r2wskxo48pxm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 17:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 17:21:57 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame F93A 403 KB
161 KB 61ms
30ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a066a4744676ecfbac78b5a339f818c314c8d75c884ad2723c366af5bfe21a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 11:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164706
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jan 2024 11:16:50 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame E0ED 52 KB
24 KB 38ms
15ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 17:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 17:21:57 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame E0ED 403 KB
161 KB 54ms
30ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a066a4744676ecfbac78b5a339f818c314c8d75c884ad2723c366af5bfe21a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 11:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164706
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jan 2024 11:16:50 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F93A 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 19:40:09 GMT
x-content-type-options: nosniff
age: 430256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 12 Jan 2023 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F93A 15 KB
15 KB 82ms
26ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 09:20:58 GMT
x-content-type-options: nosniff
age: 381007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 09:20:58 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F93A 15 KB
15 KB 83ms
28ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 22:15:01 GMT
x-content-type-options: nosniff
age: 420964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 22:15:01 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame F93A 102 B
134 B 49ms
48ms Other
text/javascript 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

18eb1494d12fc5449cb04659d313f1183dfa9f93c3b0b10784527e441bee9148

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9yZWRoYW5kYWR2aXNvcnMuY29tOjQ0Mw..&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&badge=inline&cb=r2wskxo48pxm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 10 Jan 2023 19:11:05 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame E0ED 102 B
134 B 49ms
48ms Other
text/javascript 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

18eb1494d12fc5449cb04659d313f1183dfa9f93c3b0b10784527e441bee9148

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9yZWRoYW5kYWR2aXNvcnMuY29tOjQ0Mw..&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&badge=inline&cb=r2wskxo48pxm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 10 Jan 2023 19:11:05 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame B59C 7 KB
1 KB 52ms
51ms Document
text/html 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d93e54e8452d77c0ae8b26fe825a5b030fb5b958f9da0f6cbb2eb855bf605bfe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--5MoUE2vwVTJmcJNWxcZsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://redhandadvisors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1120
content-security-policy: script-src 'report-sample' 'nonce--5MoUE2vwVTJmcJNWxcZsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 19:11:05 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame B59C 52 KB
24 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 17:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 17:21:57 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame B59C 403 KB
161 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a066a4744676ecfbac78b5a339f818c314c8d75c884ad2723c366af5bfe21a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 11:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164706
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jan 2024 11:16:50 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
901 B 169ms
151ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3792703849&v=1.1&a=20166480&ct=standard-page&rcu=https%3A%2F%2Fredhandadvisors.com%2Frmis-report%2F&pu=https%3A%2F%2Fredhandadvisors.com%2Frmis-report%2F&t=RMIS+Report+%7C+Redhand+Advisors&cts=1673377865737&vi=8b6664e4e10726a240bccee257ec012c&nc=true&u=213084171.8b6664e4e10726a240bccee257ec012c.1673377865733.1673377865733.1673377865733.1&b=213084171.1.1673377865734&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 7be211f2-1a6f-4634-baf7-190b524465f2
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPMDy7Pi2fu7YJ%2Be9v4i4Zy%2FKjT9YocR5ihcTJrf0f9nmnaNHZdpC%2BZofmL9Xg%2BlK8sdGGiQB34lNppkWXugI7VnaYeOaRkmi8fOcPBIz%2F8%2Bm7odMKV1h4WLdNIqWTNNBX24rfPKcqXRQZ%2BvbGBd"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7877b76cfbb590ae-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
553 B 225ms
213ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=86f0c8b4-7ad7-4506-8eba-5b481fd8c3d2&fci=49019928-2ad2-412b-bbfc-a64b880fc81b&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3792703849&v=1.1&a=20166480&ct=standard-page&rcu=https%3A%2F%2Fredhandadvisors.com%2Frmis-report%2F&pu=https%3A%2F%2Fredhandadvisors.com%2Frmis-report%2F&t=RMIS+Report+%7C+Redhand+Advisors&cts=1673377865738&vi=8b6664e4e10726a240bccee257ec012c&nc=true&u=213084171.8b6664e4e10726a240bccee257ec012c.1673377865733.1673377865733.1673377865733.1&b=213084171.1.1673377865734&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c23859ef-c8c8-4865-ab08-fb7e61e67da1
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qh9sU3mnFW%2FYPN%2BK7WRJ9VnK0cQtNqpq60ld1pm8p5fXJE4hBHE2mXa8hcxSYoLvxs72yb93sznz9wkuKmozadqkHANUst8hzGUe4x7Y3k5iCk7XnaMlaICL%2BQ9WEfvojy62ciYDtrzyGFSvAZ9B"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7877b76cfbbc90ae-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
556 B 184ms
172ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=86f0c8b4-7ad7-4506-8eba-5b481fd8c3d2&fci=49019928-2ad2-412b-bbfc-a64b880fc81b&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3792703849&v=1.1&a=20166480&ct=standard-page&rcu=https%3A%2F%2Fredhandadvisors.com%2Frmis-report%2F&pu=https%3A%2F%2Fredhandadvisors.com%2Frmis-report%2F&t=RMIS+Report+%7C+Redhand+Advisors&cts=1673377865739&vi=8b6664e4e10726a240bccee257ec012c&nc=true&u=213084171.8b6664e4e10726a240bccee257ec012c.1673377865733.1673377865733.1673377865733.1&b=213084171.1.1673377865734&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redhandadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: e7384422-887c-490f-9f42-4b3b925512af
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygStLOJBe%2Bp2OczFCqTPL27PfC3JlEalQS7ijIqEhw%2BswuUhIuEyxiruubQrm7g5vi0DXLiL9GgLC3y1C1o0eZeadbsJAwaMIVcVi7mrqyz%2Fg8ZwJ3vrnZxlMBb3GnIJAnelkkN%2F3YLscmFJ8X%2F1"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7877b76cfbbb90ae-FRA
x-robots-tag: none

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame B59C 39 KB
24 KB 100ms
100ms XHR
application/json 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5e004a47f4de7a500085bcfcd6681577f5662b13a89429d7b3761644a9c0e124

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 10 Jan 2023 19:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24053
x-xss-protection: 1; mode=block
expires: Tue, 10 Jan 2023 19:11:05 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame B59C 600 B
624 B 14ms
14ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 19:16:51 GMT
x-content-type-options: nosniff
age: 518054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 11 Jan 2023 19:16:51 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame B59C 530 B
554 B 16ms
15ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 17:23:32 GMT
x-content-type-options: nosniff
age: 352053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 13 Jan 2023 17:23:32 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame B59C 665 B
689 B 15ms
14ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 18:58:22 GMT
x-content-type-options: nosniff
age: 519163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 11 Jan 2023 18:58:22 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B59C 15 KB
15 KB 27ms
26ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 09:20:58 GMT
x-content-type-options: nosniff
age: 381007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 09:20:58 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B59C 15 KB
15 KB 36ms
36ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 17:40:57 GMT
x-content-type-options: nosniff
age: 523808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 04 Jan 2024 17:40:57 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B59C 15 KB
15 KB 29ms
29ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 22:15:01 GMT
x-content-type-options: nosniff
age: 420964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 22:15:01 GMT

GET
H3 200 payload
www.google.com/recaptcha/enterprise/ Frame B59C 38 KB
38 KB 49ms
49ms Image
image/jpeg 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06AD1IbLBQD1TK9KNsoX0915JDX0i_OsjVMhrmgxy3cFjgmYJXT8G0qJ2kZpELkCH3SG7awLFNiC85BORW3MXmGr6GOIXcudYMxpaKCGr3mUhHFyQHBj-jf_Dbbs91T0tBJKl8_t1C9o6QupGZjyC_THEUy6trMcimzhbn7HFj0qFOs0sysDSGMhXjJ7r5tKiruaQeS8VQY5c2n4cyoOfzgOYGiDXiV5dQRA&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b1eb9b22c8d57136bed4c06f4946e9ba5f2fc1bff55934229b5d687f64a579bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:11:05 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38486
x-xss-protection: 1; mode=block
expires: Tue, 10 Jan 2023 19:11:05 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 13:08:49	Name: _GRECAPTCHA Value: 09AJ4Tk-7eALh0icEaXqYmITAxa1VwoqxQldTxEvp_5guNp3JSnQRJqrIjYScboP_PEUmzJZ7_QmjqiBxRUVKL5u0
.redhandadvisors.com/	1970-01-20 18:25:37	Name: _ga Value: GA1.2.1007868890.1673377865
.redhandadvisors.com/	1970-01-20 08:51:04	Name: _gid Value: GA1.2.1554370905.1673377865
.redhandadvisors.com/	1970-01-20 08:49:37	Name: _gat_UA-73378966-2 Value: 1
.redhandadvisors.com/	1970-01-20 10:59:13	Name: _gcl_au Value: 1.1.183231878.1673377865
redhandadvisors.com/	1970-01-20 08:51:04	Name: ln_or Value: eyIzMzczMTk2IjoiZCJ9
.doubleclick.net/	1970-01-20 08:49:38	Name: test_cookie Value: CheckForPermission
.linkedin.com/	1970-01-20 09:32:49	Name: UserMatchHistory Value: AQKz1N6ag8koCAAAAYWdF93dsBz3mKaLTW27VxnA5BnuoWF5PDBCb0Pj12WzrEASoCTkVwyBl-DK_Q
.linkedin.com/	1970-01-20 09:32:49	Name: AnalyticsSyncHistory Value: AQJDoBzNEqtSHAAAAYWdF93dcwZShIxaMl81uH6i6eMo8yRXoxqBIuCM3bH2chq7VsnsArecr74kWbWw3LgVVw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:35:13	Name: bcookie Value: "v=2&3524f14f-fcab-43d4-8ecf-54c0c8b8e4e3"
.linkedin.com/	1970-01-20 08:51:04	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2887:u=1:x=1:i=1673377865:t=1673464265:v=2:sig=AQFdGnY5wLswN1TMH2ZGhSBHhdiDUl92"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 17:35:13	Name: bscookie Value: "v=1&202301101911050ce60977-d04f-4fe4-8901-3c2a37081ec0AQG61eA-MO5B8GiYFD-EU0Fu5Opw8wwY"
.linkedin.com/	1970-01-20 13:08:49	Name: li_gc Value: MTswOzE2NzMzNzc4NjU7MjswMjFVXARrVJdyDLIyfBqIPiNt0ot8bIhhx8zaLfsbPxH5Rg==
.redhandadvisors.com/	1970-01-20 13:08:49	Name: __hstc Value: 213084171.8b6664e4e10726a240bccee257ec012c.1673377865733.1673377865733.1673377865733.1
.redhandadvisors.com/	1970-01-20 13:08:49	Name: hubspotutk Value: 8b6664e4e10726a240bccee257ec012c
.redhandadvisors.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.redhandadvisors.com/	1970-01-20 08:49:39	Name: __hssc Value: 213084171.1.1673377865734
.hubspot.com/	1970-01-20 08:49:39	Name: __cf_bm Value: jtB79lTYxOB9HTo49ey4Q8GhXzNI4kcIoFb1F2pvMSc-1673377865-0-AaQMApt3082zrYSOAihqLSm8B67/JhQ4lv3begPEvaHyrjRbJZoy91yP23mLKLNZsdDCxAF3OrGA+SzbR3qxlPk=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
cdn.linkedin.oribi.io
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
px.ads.linkedin.com
px4.ads.linkedin.com
redhandadvisors.com
snap.licdn.com
track.hubspot.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.redhandadvisors.com
13.107.42.14
192.254.188.242
2600:9000:206f:4e00:2:53b2:240:93a1
2606:4700:4400::ac40:9a55
2606:4700::6810:5605
2606:4700::6810:5905
2606:4700::6811:45b0
2606:4700::6811:70b0
2606:4700::6811:7fab
2606:4700::6811:b749
2606:4700::6811:c9cc
2606:4700::6811:d6cc
2606:4700::6813:9b53
2620:1ec:21::14
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:827::2008
2a00:1450:400d:803::2003
2a00:1450:400d:806::2004
2a00:1450:400d:80d::2003
2a02:26f0:3500:16::215:14a0
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
1213c52cc203bcb625c80321437a13da89fd32844a1a3a2d26562a5f8bcba759
17debabfa95fc0e13577ca5f0dbb30572c4b12c47744f5c33f75cb59fcd9a9f0
18eb1494d12fc5449cb04659d313f1183dfa9f93c3b0b10784527e441bee9148
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
3999cf864b43937c278afeae5b60b6db69bb234d5641202c9e7a2385029aa3b7
3b0b8378134e79a3a7058080f4d617969ac9b159d448be7b15e595719e5c9518
3ce91e27c75f26017876adeda75acc652f5d48f9875d6db451b2ab3547c3ba64
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4e4cc2d5669ad1bb831c050c273dbf760a070eb5f413458cf5cd7625c594a583
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50b6a63c5f700b206ed44b8bf4464d4dd14399b99f1cd1f24232c26b8a917054
5126853cf77c4030e8950e7b7a1d24010eaab2009771f761687dff49f32576e3
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
59beb1f8f4ea7e16c50ae0652005e6f7a39f58f9deb0e155d8c8981ea99544b0
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c9203860ae657336596c738730f9d362e00bb9948a0f581fb074270c328e26b
5e004a47f4de7a500085bcfcd6681577f5662b13a89429d7b3761644a9c0e124
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
68b531656713cac2e434112f9be32f47c4c55ed01ba4d0473f715b860a42cb7b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be572e3ac412d120d63c7d9f6d69ff763ea311939dd89dece1b49e07f284564
6e71539ec35d9ab5bc65ec77cb9c0dbf7967bdc9eb817967e5f5887c607defa4
6fe63fa62bc1e9e2096883e63ea4726488a3875cf420f6f555603ccf36511f1b
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
86b68f6185b4c4f70cffb5f1bdf580833a5dea883da040bbece3354b43b96c2b
882f26b6e65febcb9fb7ca540809d125ad247dc4d09819b6b87aa6327d3f0cbf
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2
9435c8c132bbfd387d4b14f9e07d60c0ba7fb5a1eca2b49882f62b2ef113eee8
a066a4744676ecfbac78b5a339f818c314c8d75c884ad2723c366af5bfe21a11
a18c3506f7c682e28341e59140ff7013ff395679927218f942914563346e6ac3
a647ce5cde20a6bdc2ad1fcf9a985129d7eaed52ba09ebe261e97d62cd1e2c28
a96c21672b34a2f47197f6d5ae5ae4b6012d6fac6cfca1c851f66901c9c8abf4
ac93813577a57ac535c749aaa9642bd72c7b20bd8045c29a5e15f1410a9c6fb1
ad15c40ccf3ccb707131537f73a780630e5121e801d7018149b7e6acfbc9e33e
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b15e4cfad3dc2c17e903180bb2c243ea098279f4f25287e48b0bf7c3ee72097a
b1eb9b22c8d57136bed4c06f4946e9ba5f2fc1bff55934229b5d687f64a579bc
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bb5a1062dc1d2b96722584846be08bc187fd70fefaa7c13a662b160bee389b89
c0a1e336fc7db11d9620d172bf064980626160994eee0f512a95b44508fa00e7
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ceb1d7c0530eaa3dfec7d0f3aae84c2612c57a9e1b7ed9946a5c3bb5b3f2dd19
d0592166a27d65248319364e73f373c14e69a5329e3437aebac6fb2a7d7ae088
d93e54e8452d77c0ae8b26fe825a5b030fb5b958f9da0f6cbb2eb855bf605bfe
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e28d8b4c930df7c97ad1b2c9d20cc98d9073e88e43478902ed1c7a9645855828
e319bc5f0e668e7ff8836fb3a9b80c0ed8a7dccf55c6417248f9e661192e42cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53bde957ffc1b0ff21f492398aea2f09547c124fdd3442e15636ba16b4449a6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04fcb0932b99d355532ecdad3ff051e3c503b176dc1176dddc017e7f1523516
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
ff7cbd7d791c0f01f1b7db211981bb0506701f663e9e41422586b9e625753ba3

redhandadvisors.com Open in urlscan Pro 192.254.188.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

82 Requests

99 %HTTPS

91 %IPv6

20 Domains

26 Subdomains

22 IPs

3 Countries

3058 kBTransfer

6486 kBSize

20 Cookies

14 Outgoing links

Page URL History

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

redhandadvisors.com Open in urlscan Pro
192.254.188.242 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

99 %
HTTPS

91 %
IPv6

20
Domains

26
Subdomains

22
IPs

3
Countries

3058 kB
Transfer

6486 kB
Size

20
Cookies

82 HTTP transactions
0 data transactions