thehgroup.com Open in urlscan Pro
34.135.1.19 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://thehgroup.com/
Submission Tags: falconsandbox
Submission: On October 09 via api (October 9th 2024, 7:16:32 pm UTC) from US — Scanned from US

Summary HTTP 71 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 11 domains to perform 71 HTTP transactions. The main IP is 34.135.1.19, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is thehgroup.com.
TLS certificate: Issued by R10 on October 5th 2024. Valid for: 3 months.

This is the only time thehgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	34.135.1.19 34.135.1.19	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2607:f8b0:400... 2607:f8b0:4006:80a::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
10	142.250.80.35 142.250.80.35	15169 (GOOGLE) (GOOGLE)
1	108.138.106.126 108.138.106.126	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
2	31.13.71.7 31.13.71.7	32934 (FACEBOOK) (FACEBOOK)
1	142.250.64.66 142.250.64.66	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1f::9b	15169 (GOOGLE) (GOOGLE)
1	18.164.96.77 18.164.96.77	16509 (AMAZON-02) (AMAZON-02)
1	142.250.80.68 142.250.80.68	15169 (GOOGLE) (GOOGLE)
8	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	3.168.122.69 3.168.122.69	16509 (AMAZON-02) (AMAZON-02)
1	18.203.150.108 18.203.150.108	16509 (AMAZON-02) (AMAZON-02)
71	16

35 34.135.1.19 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 19.1.135.34.bc.googleusercontent.com

thehgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80a::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.80.35 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-126.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.64.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1f::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-77.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.68 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.168.122.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-122-69.jfk52.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.150.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-150-108.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	thehgroup.com thehgroup.com	3 MB
10	gstatic.com fonts.gstatic.com	146 KB
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	7 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 td.doubleclick.net — Cisco Umbrella Rank: 192 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	297 KB
2	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3185 content.hotjar.io — Cisco Umbrella Rank: 6755	403 B
2	google.com analytics.google.com — Cisco Umbrella Rank: 147 www.google.com — Cisco Umbrella Rank: 3	64 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	73 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1177	61 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
71	11

	Domain	Requested by
35	thehgroup.com	thehgroup.com
10	fonts.gstatic.com	thehgroup.com fonts.googleapis.com
8	www.facebook.com	thehgroup.com
3	www.googletagmanager.com	thehgroup.com www.googletagmanager.com
2	td.doubleclick.net	www.googletagmanager.com
2	connect.facebook.net	thehgroup.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	content.hotjar.io	script.hotjar.com
1	vc.hotjar.io	script.hotjar.com
1	www.google.com	thehgroup.com
1	script.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	fonts.googleapis.com	thehgroup.com
71	16

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com

Subject Issuer	Validity	Valid
thehgroup.com R10	`2024-10-05` - `2025-01-03`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-19` - `2024-10-17`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://thehgroup.com/
Frame ID: 1D7E36BD5B0890521D3D517511F35E94
Requests: 69 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/AW-11005095935?random=1728501385513&cv=11&fst=1728501385513&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a70z8894350041za201zb894350041&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fthehgroup.com%2F&hn=www.googleadservices.com&frm=0&tiba=Wealth%20Management%20%7C%20Certified%20Financial%20Planner%E2%84%A2%20%7C%20The%20H%20Group&npa=0&pscdl=noapi&auid=499420793.1728501385&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 878EA534839AFA0259956486FA74C13A
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-2QGH9G4BHV&gacid=219622398.1728501386&gtm=45je4a70v895073237z8894350041za200zb894350041&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101529666~101671035~101747727&z=591370614
Frame ID: 7CFFD988A183655D0AA8214AED1229AB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wealth Management | Certified Financial Planner™ | The H Group

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/revslider/[/\w-]+/js

Page Statistics

71
Requests

100 %
HTTPS

44 %
IPv6

11
Domains

16
Subdomains

16
IPs

2
Countries

3206 kB
Transfer

7452 kB
Size

9
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/TheHGroupInc
Title: X page opens in new window

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheHGroupInc
Title: Facebook page opens in new window

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-h-group-inc-/?trk=hb_tab_compy_id_3005156
Title: Linkedin page opens in new window

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

71 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
thehgroup.com/ 333 KB
50 KB 511ms
248ms Document
text/html 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: e4ddabadc56d2a84f67d472f8fa7ec39344b2aaf909d82cc0b418a25353f4045

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 09 Oct 2024 19:16:23 GMT
last-modified: Wed, 09 Oct 2024 04:48:01 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
wpo-cache-status: cached
x-cache: HIT: 10
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 306 KB
107 KB 462ms
179ms Script
application/javascript 2607:f8b0:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5VCKD8T

Requested by

Host: thehgroup.com
URL: https://thehgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c954075feecc721f36ca03c90ae58b5b2b02728e61f80d442127c75ad9bb3da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 09 Oct 2024 19:16:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 19:16:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 09 Oct 2024 18:29:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109242
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 icomoon-the7-font.min.css
thehgroup.com/wp-content/themes/dt-the7/fonts/icomoon-the7-font/ 20 KB
3 KB 132ms
132ms Stylesheet
text/css 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://thehgroup.com/wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.min.css
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a17ad60491df641c2e86700ab73143eb57a71f008a495c922c02be00cdf33789

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
etag: W/"66b66346-4e33"
access-control-allow-origin: *
date: Wed, 09 Oct 2024 19:16:24 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: nginx
last-modified: Fri, 09 Aug 2024 18:43:18 GMT

GET
H2 200 custom-scrollbar.min.css
thehgroup.com/wp-content/themes/dt-the7/lib/custom-scrollbar/ 11 KB
2 KB 153ms
153ms Stylesheet
text/css 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://thehgroup.com/wp-content/themes/dt-the7/lib/custom-scrollbar/custom-scrollbar.min.css
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3615fe430b11a0bbd580c5076d0e5edf562597d8a3e851b1aa61280f8ea3897

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
etag: W/"66b66346-2a03"
access-control-allow-origin: *
date: Wed, 09 Oct 2024 19:16:24 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: nginx
last-modified: Fri, 09 Aug 2024 18:43:18 GMT

GET
H2 200 wpo-minify-header-b58d58f9.min.css
thehgroup.com/wp-content/cache/wpo-minify/1723734306/assets/ 2 MB
211 KB 182ms
182ms Stylesheet
text/css 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://thehgroup.com/wp-content/cache/wpo-minify/1723734306/assets/wpo-minify-header-b58d58f9.min.css
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7fad0edc98de5cb1d6f37d56c38fca7246d8bb151ace075dcc0ae0b58ceca6c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
etag: W/"66be1a33-1acbb9"
access-control-allow-origin: *
date: Wed, 09 Oct 2024 19:16:24 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: nginx
last-modified: Thu, 15 Aug 2024 15:09:39 GMT

GET
H2 200 wpo-minify-header-83435c99.min.js Show response
thehgroup.com/wp-content/cache/wpo-minify/1723734306/assets/ 964 KB
273 KB 182ms
182ms Script
application/javascript 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://thehgroup.com/wp-content/cache/wpo-minify/1723734306/assets/wpo-minify-header-83435c99.min.js
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4383b44b3f033f0787c645b093eb5cc10106207290261b0d2eeb7d5dc6811bac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
etag: W/"66be1a33-f11d7"
access-control-allow-origin: *
date: Wed, 09 Oct 2024 19:16:24 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: nginx
last-modified: Thu, 15 Aug 2024 15:09:39 GMT

GET
H2 200 thg-logo.png
thehgroup.com/wp-content/uploads/ 11 KB
11 KB 230ms
229ms Image
image/png 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thehgroup.com/wp-content/uploads/thg-logo.png
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d6a212d77cc931407ed504848ac535ea11038e77e5302f9296909cceb20c0f9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "641b7299-2ac5"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10949
date: Wed, 09 Oct 2024 19:16:24 GMT
content-type: image/png
last-modified: Wed, 22 Mar 2023 21:26:49 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 the-H-group-logo-green-yellow.png
thehgroup.com/wp-content/uploads/ 3 KB
3 KB 151ms
150ms Image
image/png 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thehgroup.com/wp-content/uploads/the-H-group-logo-green-yellow.png
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f6c68bcc3273f7e0c072aace68798a7beef6e175f32f01dd2b586bcce83477b6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "61f96ef6-a77"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2679
date: Wed, 09 Oct 2024 19:16:24 GMT
content-type: image/png
last-modified: Tue, 01 Feb 2022 17:33:42 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 rbtools.min.js Show response
thehgroup.com/wp-content/plugins/revslider/sr6/assets/js/ 161 KB
62 KB 231ms
230ms Script
application/javascript 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://thehgroup.com/wp-content/plugins/revslider/sr6/assets/js/rbtools.min.js?rev=6.7.16
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
etag: W/"66b66221-285db"
access-control-allow-origin: *
date: Wed, 09 Oct 2024 19:16:24 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: nginx
last-modified: Fri, 09 Aug 2024 18:38:25 GMT

GET
H2 200 rs6.min.js Show response
thehgroup.com/wp-content/plugins/revslider/sr6/assets/js/ 406 KB
107 KB 142ms
142ms Script
application/javascript 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://thehgroup.com/wp-content/plugins/revslider/sr6/assets/js/rs6.min.js?rev=6.7.16
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6956a11abacef46d5ddb093efc77c666cb767197089d2cb8ebe5ac501d753e4a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
etag: W/"66b66221-658a0"
access-control-allow-origin: *
date: Wed, 09 Oct 2024 19:16:24 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: nginx
last-modified: Fri, 09 Aug 2024 18:38:25 GMT

GET
H2 200 dummy.png
thehgroup.com/wp-content/plugins/revslider/sr6/assets/assets/ 68 B
268 B 229ms
229ms Image
image/png 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thehgroup.com/wp-content/plugins/revslider/sr6/assets/assets/dummy.png
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "66b66221-44"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 68
date: Wed, 09 Oct 2024 19:16:24 GMT
content-type: image/png
last-modified: Fri, 09 Aug 2024 18:38:25 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 452ms
166ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100%2C700%2C400%7CMerriweather:400&display=swap

Requested by

Host: thehgroup.com
URL: https://thehgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

975faff83e8480f772d9eb19a82e3670d55a9c4868b368c6b97c295eb9e7c88d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 09 Oct 2024 19:16:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 09 Oct 2024 19:16:25 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 fontawesome-webfont.woff2
thehgroup.com/wp-content/plugins/revslider/sr6/assets/fonts/font-awesome/fonts/ 75 KB
76 KB 229ms
229ms Font
font/woff2 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://thehgroup.com/wp-content/plugins/revslider/sr6/assets/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thehgroup.com
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "66b66221-12d68"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 77160
date: Wed, 09 Oct 2024 19:16:24 GMT
content-type: font/woff2
last-modified: Fri, 09 Aug 2024 18:38:25 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 font-awesome.css
thehgroup.com/wp-content/plugins/revslider/sr6/assets/fonts/font-awesome/css/ 36 KB
7 KB 139ms
138ms Stylesheet
text/css 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://thehgroup.com/wp-content/plugins/revslider/sr6/assets/fonts/font-awesome/css/font-awesome.css
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ddb31822d0a99ce7b4370f5fbae25ed76d0d58a9f8f9b0912cc1fc8156d1e7e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
etag: W/"66b66221-903d"
access-control-allow-origin: *
date: Wed, 09 Oct 2024 19:16:24 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: nginx
last-modified: Fri, 09 Aug 2024 18:38:25 GMT

GET
H2 200 wpo-minify-footer-60c911d1.min.css
thehgroup.com/wp-content/cache/wpo-minify/1723734306/assets/ 51 KB
10 KB 140ms
139ms Stylesheet
text/css 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://thehgroup.com/wp-content/cache/wpo-minify/1723734306/assets/wpo-minify-footer-60c911d1.min.css
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b9699c7d7caba159b921aa73a48d8515ad7f6ae7a6fcc0661b5fddedcd312b93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
etag: W/"66be1a34-ca21"
access-control-allow-origin: *
date: Wed, 09 Oct 2024 19:16:24 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: nginx
last-modified: Thu, 15 Aug 2024 15:09:40 GMT

GET
H2 200 wpo-minify-footer-f3e63b38.min.js Show response
thehgroup.com/wp-content/cache/wpo-minify/1723734306/assets/ 400 KB
107 KB 150ms
149ms Script
application/javascript 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://thehgroup.com/wp-content/cache/wpo-minify/1723734306/assets/wpo-minify-footer-f3e63b38.min.js
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6cb1bed2d38918716d40411c51636f055a9457867d15f49b28cc73070f8d98ec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
etag: W/"66be1a34-640e5"
access-control-allow-origin: *
date: Wed, 09 Oct 2024 19:16:24 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: nginx
last-modified: Thu, 15 Aug 2024 15:09:40 GMT

GET
H2 200 the7-chevron-down.svg
thehgroup.com/wp-content/themes/dt-the7/images/ 579 B
603 B 236ms
235ms Image
image/svg+xml 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thehgroup.com/wp-content/themes/dt-the7/images/the7-chevron-down.svg
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/wp-content/cache/wpo-minify/1723734306/assets/wpo-minify-header-b58d58f9.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 378cb322825a777a6dcdfe8189e0728735e1ad56fb48cde5746fec38627df8e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thehgroup.com
Referer: https://thehgroup.com/wp-content/cache/wpo-minify/1723734306/assets/wpo-minify-header-b58d58f9.min.css

Response headers

cache-control: public, max-age=31536000
content-encoding: br
etag: W/"66b66346-243"
access-control-allow-origin: *
date: Wed, 09 Oct 2024 19:16:24 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: nginx
last-modified: Fri, 09 Aug 2024 18:43:18 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v32/ 13 KB
13 KB 290ms
139ms Font
font/woff2 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: thehgroup.com
URL: https://thehgroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

0a7fc3de6341e5ab2853f213dbf792903cd35039daa9530a649a20a877ccac8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thehgroup.com
Referer: https://thehgroup.com/

Response headers

age: 24745
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 09 Oct 2025 12:24:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 12:24:00 GMT
last-modified: Thu, 01 Aug 2024 20:41:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13408
x-xss-protection: 0
server: sffe

GET
H2 200 icomoon-the7-font.ttf
thehgroup.com/wp-content/themes/dt-the7/fonts/icomoon-the7-font/ 47 KB
47 KB 221ms
220ms Font
application/octet-stream 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://thehgroup.com/wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.ttf?wi57p5
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 12460e8e76287f1d825623404ae26ca82e80013efb5534a818be3c618bb10588

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thehgroup.com
Referer: https://thehgroup.com/wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.min.css

Response headers

cache-control: public, max-age=31536000
etag: "66b66346-baa0"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 47776
date: Wed, 09 Oct 2024 19:16:24 GMT
content-type: application/octet-stream
last-modified: Fri, 09 Aug 2024 18:43:18 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v32/ 13 KB
13 KB 407ms
257ms Font
font/woff2 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: thehgroup.com
URL: https://thehgroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

bf9cfe01317e3758dd38982921dc1f26cc7243237d02e7ed90d3830b6f4e8ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thehgroup.com
Referer: https://thehgroup.com/

Response headers

age: 59741
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 09 Oct 2025 02:40:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 02:40:44 GMT
last-modified: Thu, 01 Aug 2024 20:41:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13388
x-xss-protection: 0
server: sffe

GET
H3 200 u-4n0qyriQwlOrhSvowK_l521wRZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v30/ 12 KB
12 KB 448ms
298ms Font
font/woff2 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6hPvhPQ.woff2

Requested by

Host: thehgroup.com
URL: https://thehgroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

589b7517bb90e74add1e1a364cad44e8e291af92d6827af28f5db6e80d5ba2b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thehgroup.com
Referer: https://thehgroup.com/

Response headers

age: 45999
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 09 Oct 2025 06:29:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 06:29:46 GMT
last-modified: Tue, 26 Apr 2022 15:45:18 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12460
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v32/ 13 KB
13 KB 337ms
188ms Font
font/woff2 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: thehgroup.com
URL: https://thehgroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

0e637574ec102b93795e00daaa92eebdacf1dcee9133b123fb9b56ea8eaf7e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thehgroup.com
Referer: https://thehgroup.com/

Response headers

age: 23190
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 09 Oct 2025 12:49:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 12:49:55 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13432
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v32/ 13 KB
13 KB 292ms
143ms Font
font/woff2 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: thehgroup.com
URL: https://thehgroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

a70c2bc728eb261ac55c2ff878249947bcd3a9d8827d94e63fbdd8fe67156986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thehgroup.com
Referer: https://thehgroup.com/

Response headers

age: 22760
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 09 Oct 2025 12:57:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 12:57:05 GMT
last-modified: Thu, 01 Aug 2024 20:41:20 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13528
x-xss-protection: 0
server: sffe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 307 KB
105 KB 179ms
178ms Script
application/javascript 2607:f8b0:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2QGH9G4BHV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VCKD8T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08acf8f6c9a82d5ee7b602feb5373b75eed9e5b64db07fede660d9743a1a4744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 09 Oct 2024 19:16:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106747
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 hotjar-3179092.js Show response
static.hotjar.com/c/ 13 KB
5 KB 495ms
216ms Script
application/javascript 108.138.106.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3179092.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VCKD8T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-126.jfk50.r.cloudfront.net

Software

Resource Hash

4a3545ce5d7569ae2d8b5a372ab9244cb55ed56a54bfbc5b82d2c94182f33e78

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/c8ea2b9e4b946e539ff1649b8d74dd67
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 c824f42276c55792245504036b5383fa.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
x-amz-cf-id: aWm-CmRDFihDndTrANPqYlEsx84ZU0hD8acy8XhJ9tQee6Kcr3DzIw==
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: JFK50-P3

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 414ms
136ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VCKD8T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

content-encoding: gzip
age: 4221
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 09 Oct 2024 20:06:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 18:06:04 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 237 KB
85 KB 188ms
187ms Script
application/javascript 2607:f8b0:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-AW-11005095935&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VCKD8T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ee8bf393c5471b3d28900a0852dffeaaf2a3e64ce906357dbd501506ce548ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Wed, 09 Oct 2024 19:16:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 09 Oct 2024 18:29:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 86925
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 226 KB
58 KB 269ms
133ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: thehgroup.com
URL: https://thehgroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=131, rtx=0, c=24, mss=1232, tbw=8184, tp=13, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: tciTjQPltPZD3TZLz//GY8BRJsm0I4SJgqRbDkgnCNKO/r8b6b5521z/eoPsUxnaU7FYTGzkvAnG9iCNISnmcg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59131
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2
fonts.gstatic.com/s/merriweather/v30/ 13 KB
13 KB 354ms
334ms Font
font/woff2 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2

Requested by

Host: thehgroup.com
URL: https://thehgroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

75a101a7c3214c232948e4251501543cb799110b868d79c0d5e820add0de292d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thehgroup.com
Referer: https://thehgroup.com/

Response headers

age: 23959
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 09 Oct 2025 12:37:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 12:37:06 GMT
last-modified: Tue, 26 Apr 2022 15:46:00 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12832
x-xss-protection: 0
server: sffe

GET
H2 200 couple-color-muted-fade-scaled.jpg
thehgroup.com/wp-content/uploads/ 330 KB
330 KB 132ms
131ms Image
image/jpeg 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thehgroup.com/wp-content/uploads/couple-color-muted-fade-scaled.jpg
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1fb1f3de930dead3cbb3356ecbeae4496949ecd90e30d4bedbb6271f06f563df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "61eb6c6b-5273f"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 337727
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: image/jpeg
last-modified: Sat, 22 Jan 2022 02:31:07 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 icon-number-1.jpg
thehgroup.com/wp-content/uploads/ 34 KB
35 KB 148ms
147ms Image
image/jpeg 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thehgroup.com/wp-content/uploads/icon-number-1.jpg
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: c089f0beaca19b580c3baf6e522494d3544a6199cb5dfbab07f47fb7fd04d496

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "61eb6c6b-8937"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35127
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: image/jpeg
last-modified: Sat, 22 Jan 2022 02:31:07 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 icon-number-3.jpg
thehgroup.com/wp-content/uploads/ 35 KB
35 KB 149ms
148ms Image
image/jpeg 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thehgroup.com/wp-content/uploads/icon-number-3.jpg
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1dd6fb63684e09909d4a95719b2e1fc17a241a3caa256aa3b5649c5dc251779f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "61eb6c6b-8a24"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35364
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: image/jpeg
last-modified: Sat, 22 Jan 2022 02:31:07 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 icon-number-2.jpg
thehgroup.com/wp-content/uploads/ 35 KB
35 KB 149ms
149ms Image
image/jpeg 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thehgroup.com/wp-content/uploads/icon-number-2.jpg
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b92d1ee8183d9ad85acae01f4f339e0389da0f6d27c46a50d98f7ab9a561a09e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "61eb6c6b-8a74"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35444
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: image/jpeg
last-modified: Sat, 22 Jan 2022 02:31:07 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 icon-number-4.jpg
thehgroup.com/wp-content/uploads/ 35 KB
35 KB 148ms
147ms Image
image/jpeg 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thehgroup.com/wp-content/uploads/icon-number-4.jpg
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: c024fa9ddbfba81869adaa0b315cf8ff0890b8f6f1dc72f1b41d2f06d76ed58d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "61eb6c6b-8ab1"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35505
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: image/jpeg
last-modified: Sat, 22 Jan 2022 02:31:07 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 the-h-group-financial-services.jpg
thehgroup.com/wp-content/uploads/ 47 KB
47 KB 147ms
146ms Image
image/jpeg 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thehgroup.com/wp-content/uploads/the-h-group-financial-services.jpg?id=3709
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 129719aeba200cbe79a8e69d559cd15f70a3ec8142b214b026d3157947ac2526

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "639905b3-bb5f"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 47967
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: image/jpeg
last-modified: Tue, 13 Dec 2022 23:07:31 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 fa-solid-900.woff2
thehgroup.com/wp-content/themes/dt-the7/fonts/FontAwesome/webfonts/ 76 KB
77 KB 188ms
187ms Font
font/woff2 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://thehgroup.com/wp-content/themes/dt-the7/fonts/FontAwesome/webfonts/fa-solid-900.woff2
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thehgroup.com
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "66b66346-13184"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 78212
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: font/woff2
last-modified: Fri, 09 Aug 2024 18:43:18 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v30/ 12 KB
13 KB 359ms
358ms Font
font/woff2 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2

Requested by

Host: thehgroup.com
URL: https://thehgroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

7d0b66b37ca3971d9a388ec2d67f60ded0e6672eb87934927ea4a5c03c512129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thehgroup.com
Referer: https://thehgroup.com/

Response headers

age: 59740
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 09 Oct 2025 02:40:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 02:40:45 GMT
last-modified: Tue, 26 Apr 2022 15:55:10 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12780
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 141ms
139ms Font
font/woff2 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100%2C700%2C400%7CMerriweather:400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thehgroup.com
Referer: https://fonts.googleapis.com/

Response headers

age: 99558
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 15:37:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 15:37:07 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 149ms
148ms Font
font/woff2 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100%2C700%2C400%7CMerriweather:400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thehgroup.com
Referer: https://fonts.googleapis.com/

Response headers

age: 24713
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 09 Oct 2025 12:24:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 12:24:32 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 172ms
171ms Font
font/woff2 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100%2C700%2C400%7CMerriweather:400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thehgroup.com
Referer: https://fonts.googleapis.com/

Response headers

age: 9864
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 09 Oct 2025 16:32:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 16:32:01 GMT
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20028
x-xss-protection: 0
server: sffe

GET
H2 200 fa-solid-900.woff2
thehgroup.com/wp-content/plugins/js_composer/assets/lib/vendor/node_modules/@fortawesome/fontawesome-free/webfonts/ 76 KB
77 KB 151ms
150ms Font
font/woff2 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://thehgroup.com/wp-content/plugins/js_composer/assets/lib/vendor/node_modules/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thehgroup.com
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "66b6626e-131bc"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 78268
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: font/woff2
last-modified: Fri, 09 Aug 2024 18:39:42 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-11005095935/ 5 KB
2 KB 435ms
164ms Script
text/javascript 142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-11005095935/?random=1728501385513&cv=11&fst=1728501385513&bg=ffffff&guid=ON&async=1&gtm=45be4a70z8894350041za201zb894350041&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fthehgroup.com%2F&hn=www.googleadservices.com&frm=0&tiba=Wealth%20Management%20%7C%20Certified%20Financial%20Planner%E2%84%A2%20%7C%20The%20H%20Group&npa=0&pscdl=noapi&auid=499420793.1728501385&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-AW-11005095935&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

cafe /

Resource Hash

468910d08f2bec58ff2b78ed965e51384d7ec1dc2dc06c6ada58f1ad3f2a607c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2338
date: Wed, 09 Oct 2024 19:16:25 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 AW-11005095935
td.doubleclick.net/td/rul/ Frame 878E 0
0 455ms
173ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/AW-11005095935?random=1728501385513&cv=11&fst=1728501385513&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a70z8894350041za201zb894350041&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fthehgroup.com%2F&hn=www.googleadservices.com&frm=0&tiba=Wealth%20Management%20%7C%20Certified%20Financial%20Planner%E2%84%A2%20%7C%20The%20H%20Group&npa=0&pscdl=noapi&auid=499420793.1728501385&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-AW-11005095935&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 09 Oct 2024 19:16:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 the-h-group-financial-services.jpg
thehgroup.com/wp-content/uploads/ 47 KB
47 KB 128ms
128ms Image
image/jpeg 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thehgroup.com/wp-content/uploads/the-h-group-financial-services.jpg
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 129719aeba200cbe79a8e69d559cd15f70a3ec8142b214b026d3157947ac2526

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "639905b3-bb5f"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 47967
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: image/jpeg
last-modified: Tue, 13 Dec 2022 23:07:31 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 the-h-group-logo-white-yellow.png
thehgroup.com/wp-content/uploads/ 2 KB
3 KB 127ms
126ms Image
image/png 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thehgroup.com/wp-content/uploads/the-h-group-logo-white-yellow.png
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b6b12680ffcced0b7710065218007a04f37943ce040aefb90e8647899ab416cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "61f9683a-97e"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2430
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: image/png
last-modified: Tue, 01 Feb 2022 17:04:58 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 hero-outlive-my-money-160x160.jpg
thehgroup.com/wp-content/uploads/ 28 KB
28 KB 128ms
128ms Image
image/jpeg 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thehgroup.com/wp-content/uploads/hero-outlive-my-money-160x160.jpg
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ceb98f497993de27b97909a6a6d9f5b73c24c2e252dcf0c2d0dd7d8641244fd4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "61eb6c6b-6f69"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28521
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: image/jpeg
last-modified: Sat, 22 Jan 2022 02:31:07 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 banner-couple-finances-160x160.jpg
thehgroup.com/wp-content/uploads/ 10 KB
10 KB 129ms
129ms Image
image/jpeg 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thehgroup.com/wp-content/uploads/banner-couple-finances-160x160.jpg
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: bc2b8b8c7d4cb3a2752012c714a4f30d7aeb127bd1c8a59bb454c577532457e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "61eb6c6b-260c"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9740
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: image/jpeg
last-modified: Sat, 22 Jan 2022 02:31:07 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 banner-woman-looking-at-window-160x160.jpg
thehgroup.com/wp-content/uploads/ 8 KB
9 KB 129ms
128ms Image
image/jpeg 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thehgroup.com/wp-content/uploads/banner-woman-looking-at-window-160x160.jpg
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f544428b416caba90a5cf09ad1a4df5c2dda1022ec30979b627edd66ab96b530

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "61eb6c6b-216b"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8555
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: image/jpeg
last-modified: Sat, 22 Jan 2022 02:31:07 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 hero-are-my-investments-working-together-flipped-160x160.jpg
thehgroup.com/wp-content/uploads/ 11 KB
11 KB 223ms
223ms Image
image/jpeg 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thehgroup.com/wp-content/uploads/hero-are-my-investments-working-together-flipped-160x160.jpg
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 237d067ce0753e859254d55da005a1b02cae240e4836a5575051c06951914c9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "61eb6c6b-2c22"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11298
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: image/jpeg
last-modified: Sat, 22 Jan 2022 02:31:07 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 banner-old-couple-ready-to-retire-160x160.jpg
thehgroup.com/wp-content/uploads/ 10 KB
10 KB 128ms
128ms Image
image/jpeg 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thehgroup.com/wp-content/uploads/banner-old-couple-ready-to-retire-160x160.jpg
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4298be0c1f7324dd82536c48f9a5dc8a70a9334dc6bddb6c3875c2d068c30eaa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "61f846e0-2710"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10000
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: image/jpeg
last-modified: Mon, 31 Jan 2022 20:30:24 GMT
server: nginx
vary: Accept-Encoding

POST
H2 204 collect
analytics.google.com/g/ 0
0 443ms
150ms Fetch
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-2QGH9G4BHV&gtm=45je4a70v895073237z8894350041za200zb894350041&_p=1728501384208&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101529666~101671035~101747727&cid=219622398.1728501386&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1728501385&sct=1&seg=0&dl=https%3A%2F%2Fthehgroup.com%2F&dt=Wealth%20Management%20%7C%20Certified%20Financial%20Planner%E2%84%A2%20%7C%20The%20H%20Group&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2105
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2QGH9G4BHV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://thehgroup.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 19:16:26 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
552 B 417ms
141ms Ping
text/plain 2607:f8b0:4004:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2QGH9G4BHV&cid=219622398.1728501386&gtm=45je4a70v895073237z8894350041za200zb894350041&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101529666~101671035~101747727
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2QGH9G4BHV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1f::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://thehgroup.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 19:16:26 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 7CFF 0
0 193ms
169ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-2QGH9G4BHV&gacid=219622398.1728501386&gtm=45je4a70v895073237z8894350041za200zb894350041&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101529666~101671035~101747727&z=591370614

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2QGH9G4BHV&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thehgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 09 Oct 2024 19:16:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1313998895804575 Show response
connect.facebook.net/signals/config/ 75 KB
15 KB 228ms
228ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1313998895804575?v=2.9.170&r=stable&domain=thehgroup.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

20f7b8bfd57df3dcfa88fbe7809d5d46250d0ec0c5e7d9d878ff80203599fc03

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=133, rtx=0, c=77, mss=1232, tbw=71100, tp=68, tpl=0, uplat=95, ullat=0
pragma: public
x-fb-debug: pYFjrTaAISWrieho5NDYkS2Fq0+7eSpFqX5NpStZtfQUvGbByEJiglsfiUox6LMoPioeAe2FJZske/wEt8oVaA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 hero-outlive-my-money.jpg
thehgroup.com/wp-content/uploads/ 300 KB
300 KB 127ms
127ms Image
image/jpeg 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thehgroup.com/wp-content/uploads/hero-outlive-my-money.jpg
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ae8434585b76a852dfbaaaef7f2649ace7ec3eeafc406d23a17acc462ee9daf4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "61eb6c6b-4af73"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 307059
date: Wed, 09 Oct 2024 19:16:25 GMT
content-type: image/jpeg
last-modified: Sat, 22 Jan 2022 02:31:07 GMT
server: nginx
vary: Accept-Encoding

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
419 B 149ms
148ms XHR
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1652521054&t=pageview&_s=1&dl=https%3A%2F%2Fthehgroup.com%2F&ul=en-us&de=UTF-8&dt=Wealth%20Management%20%7C%20Certified%20Financial%20Planner%E2%84%A2%20%7C%20The%20H%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=139907540&gjid=535585771&cid=219622398.1728501386&tid=UA-50453748-1&_gid=121769263.1728501386&_r=1&_slc=1&gtm=45He4a70n815VCKD8Tv894350041za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101529666~101671035~101747727&z=1432085943

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://thehgroup.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 19:16:25 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://thehgroup.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H2 200 modules.720d0264984b164946ff.js Show response
script.hotjar.com/ 224 KB
56 KB 422ms
151ms Script
application/javascript 18.164.96.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.720d0264984b164946ff.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3179092.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-77.jfk50.r.cloudfront.net

Software

Resource Hash

c1eec6939693de2560a7cd2cb9bd833745efddbaa9887d4fa32464c44a3fbd33

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "2bc2d25972a7d1d4abf498f97b5d89f1"
age: 21439
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: _6oY9lSpLDfOpHQpb0Kjwg3C1zBRshZ1diXqVEclxUxz5C61YZnD8A==
date: Wed, 09 Oct 2024 13:19:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 09 Oct 2024 13:18:39 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 fa503ecd9278a874859948f3b586c782.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56538
x-amz-cf-pop: JFK50-P5

GET
H3 200 /
www.google.com/pagead/1p-user-list/AW-11005095935/ 42 B
64 B 437ms
161ms Image
image/gif 142.250.80.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-11005095935/?random=1728501385513&cv=11&fst=1728500400000&bg=ffffff&guid=ON&async=1&gtm=45be4a70z8894350041za201zb894350041&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fthehgroup.com%2F&hn=www.googleadservices.com&frm=0&tiba=Wealth%20Management%20%7C%20Certified%20Financial%20Planner%E2%84%A2%20%7C%20The%20H%20Group&npa=0&pscdl=noapi&auid=499420793.1728501385&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfEyPvi_pUlv84TtBBe87BXPGeqVPSDA&random=1721552575&rmt_tld=0&ipr=y

Requested by

Host: thehgroup.com
URL: https://thehgroup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.68 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 09 Oct 2024 19:16:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 410ms
135ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1313998895804575&ev=PageView&dl=https%3A%2F%2Fthehgroup.com&rl=&if=false&ts=1728501386086&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12316&fbp=fb.1.1728501386084.489586362660254286&pm=1&hrl=f4b1aa&ler=empty&cdl=API_unavailable&it=1728501385821&coo=false&cs_cc=1&rqm=GET

Requested by

Host: thehgroup.com
URL: https://thehgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=131, rtx=0, c=10, mss=1297, tbw=3019, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 09 Oct 2024 19:16:26 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
853 B 540ms
265ms Image
image/png 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1313998895804575&ev=PageView&dl=https%3A%2F%2Fthehgroup.com&rl=&if=false&ts=1728501386086&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12316&fbp=fb.1.1728501386084.489586362660254286&pm=1&hrl=f4b1aa&ler=empty&cdl=API_unavailable&it=1728501385821&coo=false&cs_cc=1&rqm=FGET

Requested by

Host: thehgroup.com
URL: https://thehgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7423856924799480529"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 09 Oct 2024 19:16:26 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: LtZS+0jfemMifj/NY/ZYZ2B6mFvUU4O80eD6S6tpzeeixeJeu2N+amwcgJDOV03KJa3DuHYBwIyUZOJ8p130mg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7423856924799480529", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=131, rtx=0, c=10, mss=1297, tbw=7746, tp=-1, tpl=-1, uplat=78, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 409ms
134ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1313998895804575&ev=ViewContent&dl=https%3A%2F%2Fthehgroup.com&rl=&if=false&ts=1728501386089&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=12316&fbp=fb.1.1728501386084.489586362660254286&pm=1&hrl=9a84e6&ler=empty&cdl=API_unavailable&it=1728501385821&coo=false&cs_cc=1&cas=5769832799796875&rqm=GET

Requested by

Host: thehgroup.com
URL: https://thehgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=131, rtx=0, c=10, mss=1297, tbw=3019, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 09 Oct 2024 19:16:26 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
862 B 538ms
264ms Image
image/png 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1313998895804575&ev=ViewContent&dl=https%3A%2F%2Fthehgroup.com&rl=&if=false&ts=1728501386089&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=12316&fbp=fb.1.1728501386084.489586362660254286&pm=1&hrl=9a84e6&ler=empty&cdl=API_unavailable&it=1728501385821&coo=false&cs_cc=1&cas=5769832799796875&rqm=FGET

Requested by

Host: thehgroup.com
URL: https://thehgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7423856924773459602"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 09 Oct 2024 19:16:26 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: yp0k0/o1vr0RUQuIsYks8GNwHOzgwcwrXDQT3mQhD2vIMUjee5cJGolne5U8LLSltzp6D6GB8rZwOV7IaboByw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7423856924773459602", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=131, rtx=0, c=10, mss=1297, tbw=6862, tp=-1, tpl=-1, uplat=77, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 408ms
134ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1313998895804575&ev=Lead&dl=https%3A%2F%2Fthehgroup.com&rl=&if=false&ts=1728501386090&sw=1600&sh=1200&v=2.9.170&r=stable&ec=2&o=12316&fbp=fb.1.1728501386084.489586362660254286&pm=1&hrl=824875&ler=empty&cdl=API_unavailable&it=1728501385821&coo=false&cs_cc=1&rqm=GET

Requested by

Host: thehgroup.com
URL: https://thehgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=131, rtx=0, c=10, mss=1297, tbw=3019, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 09 Oct 2024 19:16:26 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 538ms
264ms Image
image/png 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1313998895804575&ev=Lead&dl=https%3A%2F%2Fthehgroup.com&rl=&if=false&ts=1728501386090&sw=1600&sh=1200&v=2.9.170&r=stable&ec=2&o=12316&fbp=fb.1.1728501386084.489586362660254286&pm=1&hrl=824875&ler=empty&cdl=API_unavailable&it=1728501385821&coo=false&cs_cc=1&rqm=FGET

Requested by

Host: thehgroup.com
URL: https://thehgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7423856924569895536"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 09 Oct 2024 19:16:26 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: B7oj9lcf1xPrf+Nol0EOW1lVoTGJg6Cjvc2VKR6wC1R3yqighW7cnxFZZmnwystNS7uv+YZ8cc0CVdcEy4KWiQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7423856924569895536", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=131, rtx=0, c=10, mss=1297, tbw=3588, tp=-1, tpl=-1, uplat=67, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
99 B 134ms
133ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1313998895804575&ev=Contact&dl=https%3A%2F%2Fthehgroup.com&rl=&if=false&ts=1728501386091&sw=1600&sh=1200&v=2.9.170&r=stable&ec=3&o=12316&fbp=fb.1.1728501386084.489586362660254286&pm=1&hrl=00abf2&ler=empty&cdl=API_unavailable&it=1728501385821&coo=false&cs_cc=1&rqm=GET

Requested by

Host: thehgroup.com
URL: https://thehgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=131, rtx=0, c=10, mss=1297, tbw=3445, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 09 Oct 2024 19:16:26 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
2 KB 238ms
238ms Image
image/png 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1313998895804575&ev=Contact&dl=https%3A%2F%2Fthehgroup.com&rl=&if=false&ts=1728501386091&sw=1600&sh=1200&v=2.9.170&r=stable&ec=3&o=12316&fbp=fb.1.1728501386084.489586362660254286&pm=1&hrl=00abf2&ler=empty&cdl=API_unavailable&it=1728501385821&coo=false&cs_cc=1&rqm=FGET

Requested by

Host: thehgroup.com
URL: https://thehgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7423856924419397130"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 09 Oct 2024 19:16:26 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: PxvEtKzW8e43acnIf+lyAgL4MeuGs/oHoWCp799aPsUhGFOHNNX8U5ZY9I5EWflrtvA6QccRwLBdAJrE5KFCQQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7423856924419397130", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=131, rtx=0, c=10, mss=1297, tbw=8643, tp=-1, tpl=-1, uplat=45, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 banner-old-couple-ready-to-retire.jpg
thehgroup.com/wp-content/uploads/ 339 KB
340 KB 128ms
127ms Image
image/jpeg 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thehgroup.com/wp-content/uploads/banner-old-couple-ready-to-retire.jpg
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: abecf28237de64de4604f4aaccf1fafb40ac4b8e2f33ca3362c0b17d67d2dfd8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "61f847d7-54bbc"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 347068
date: Wed, 09 Oct 2024 19:16:26 GMT
content-type: image/jpeg
last-modified: Mon, 31 Jan 2022 20:34:31 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 banner-couple-finances.jpg
thehgroup.com/wp-content/uploads/ 198 KB
198 KB 251ms
251ms Image
image/jpeg 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thehgroup.com/wp-content/uploads/banner-couple-finances.jpg
Requested by: Host: thehgroup.com
URL: https://thehgroup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0d8c045c2a68f650fa12e79b1bbc5a0374c9988886a36481067fd4bf149aff8e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "61eb6c6b-31844"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 202820
date: Wed, 09 Oct 2024 19:16:26 GMT
content-type: image/jpeg
last-modified: Sat, 22 Jan 2022 02:31:07 GMT
server: nginx
vary: Accept-Encoding

GET
H2 204 3179092 Show response
vc.hotjar.io/sessions/ 0
232 B 485ms
195ms XHR
text/plain 3.168.122.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/3179092?s=0.25&r=0.24635421411322933
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.720d0264984b164946ff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.168.122.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-168-122-69.jfk52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

via: 1.1 614c2f49ee02e59ee41dd908e64f7376.cloudfront.net (CloudFront)
access-control-allow-origin: *
cache-control: no-store
x-cache: Miss from cloudfront
x-amz-cf-id: MUmiW1MN1mE29qSKX3kKPbROwnYTLYt6bXuPNkwR9Hced50NiYoYrA==
date: Wed, 09 Oct 2024 19:16:26 GMT
x-amz-cf-pop: JFK52-P7

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 1057ms
423ms XHR
application/json 18.203.150.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=3179092&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.720d0264984b164946ff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.203.150.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-150-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: cdc8db1348d3e98b8c046aad48ae1cbd2d2ba504c6529f5aaa59703f435d15a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8
Referer: https://thehgroup.com/

Response headers

access-control-max-age: 86400
access-control-allow-origin: *
content-length: 56
date: Wed, 09 Oct 2024 19:16:27 GMT
content-type: application/json

GET
H2 200 favicon-32x32.jpg
thehgroup.com/wp-content/uploads/ 1 KB
1 KB 127ms
127ms Other
image/jpeg 34.135.1.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://thehgroup.com/wp-content/uploads/favicon-32x32.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.135.1.19 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.1.135.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 66f2447519755e0d000489bb73f21fe13f2f3e82c676cd2e32410342e4348eda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thehgroup.com/

Response headers

cache-control: public, max-age=31536000
etag: "61eb6c6b-414"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1044
date: Wed, 09 Oct 2024 19:16:26 GMT
content-type: image/jpeg
last-modified: Sat, 22 Jan 2022 02:31:07 GMT
server: nginx
vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thehgroup.com/	1970-01-21 02:17:57	Name: _gcl_au Value: 1.1.499420793.1728501385
.thehgroup.com/	1970-01-21 09:44:21	Name: _ga_2QGH9G4BHV Value: GS1.1.1728501385.1.0.1728501385.60.0.0
.thehgroup.com/	1970-01-21 09:44:21	Name: _ga Value: GA1.2.219622398.1728501386
.thehgroup.com/	1970-01-21 00:09:47	Name: _gid Value: GA1.2.121769263.1728501386
.thehgroup.com/	1970-01-21 00:08:21	Name: _gat_UA-50453748-1 Value: 1
.doubleclick.net/	1970-01-21 00:08:22	Name: test_cookie Value: CheckForPermission
.thehgroup.com/	1970-01-21 02:17:57	Name: _fbp Value: fb.1.1728501386084.489586362660254286
.thehgroup.com/	1970-01-21 08:53:57	Name: _hjSessionUser_3179092 Value: eyJpZCI6IjQ4YWVhNzkyLWM1OWMtNTRkZC1hNmZiLWE3Mzk0ZTRiN2Q0OSIsImNyZWF0ZWQiOjE3Mjg1MDEzODY0NzAsImV4aXN0aW5nIjp0cnVlfQ==
.thehgroup.com/	1970-01-21 00:08:23	Name: _hjSession_3179092 Value: eyJpZCI6IjViNjZhODdhLWZhY2QtNDIyZC1iY2YwLTFlOTM5OWNlN2VkMCIsImMiOjE3Mjg1MDEzODY0NzEsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
connect.facebook.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
td.doubleclick.net
thehgroup.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
108.138.106.126
142.250.64.66
142.250.80.35
142.250.80.68
18.164.96.77
18.203.150.108
2607:f8b0:4004:c1f::9b
2607:f8b0:4006:80a::2008
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:81e::200a
2607:f8b0:4006:81f::200e
2a03:2880:f112:83:face:b00c:0:25de
3.168.122.69
31.13.71.7
34.135.1.19
08acf8f6c9a82d5ee7b602feb5373b75eed9e5b64db07fede660d9743a1a4744
0a7fc3de6341e5ab2853f213dbf792903cd35039daa9530a649a20a877ccac8a
0d8c045c2a68f650fa12e79b1bbc5a0374c9988886a36481067fd4bf149aff8e
0e637574ec102b93795e00daaa92eebdacf1dcee9133b123fb9b56ea8eaf7e14
0ee8bf393c5471b3d28900a0852dffeaaf2a3e64ce906357dbd501506ce548ea
12460e8e76287f1d825623404ae26ca82e80013efb5534a818be3c618bb10588
129719aeba200cbe79a8e69d559cd15f70a3ec8142b214b026d3157947ac2526
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1dd6fb63684e09909d4a95719b2e1fc17a241a3caa256aa3b5649c5dc251779f
1fb1f3de930dead3cbb3356ecbeae4496949ecd90e30d4bedbb6271f06f563df
20f7b8bfd57df3dcfa88fbe7809d5d46250d0ec0c5e7d9d878ff80203599fc03
237d067ce0753e859254d55da005a1b02cae240e4836a5575051c06951914c9e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
378cb322825a777a6dcdfe8189e0728735e1ad56fb48cde5746fec38627df8e8
4298be0c1f7324dd82536c48f9a5dc8a70a9334dc6bddb6c3875c2d068c30eaa
4383b44b3f033f0787c645b093eb5cc10106207290261b0d2eeb7d5dc6811bac
468910d08f2bec58ff2b78ed965e51384d7ec1dc2dc06c6ada58f1ad3f2a607c
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
4a3545ce5d7569ae2d8b5a372ab9244cb55ed56a54bfbc5b82d2c94182f33e78
589b7517bb90e74add1e1a364cad44e8e291af92d6827af28f5db6e80d5ba2b8
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
66f2447519755e0d000489bb73f21fe13f2f3e82c676cd2e32410342e4348eda
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6956a11abacef46d5ddb093efc77c666cb767197089d2cb8ebe5ac501d753e4a
6cb1bed2d38918716d40411c51636f055a9457867d15f49b28cc73070f8d98ec
75a101a7c3214c232948e4251501543cb799110b868d79c0d5e820add0de292d
7d0b66b37ca3971d9a388ec2d67f60ded0e6672eb87934927ea4a5c03c512129
7fad0edc98de5cb1d6f37d56c38fca7246d8bb151ace075dcc0ae0b58ceca6c6
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
975faff83e8480f772d9eb19a82e3670d55a9c4868b368c6b97c295eb9e7c88d
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
a17ad60491df641c2e86700ab73143eb57a71f008a495c922c02be00cdf33789
a70c2bc728eb261ac55c2ff878249947bcd3a9d8827d94e63fbdd8fe67156986
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abecf28237de64de4604f4aaccf1fafb40ac4b8e2f33ca3362c0b17d67d2dfd8
ae8434585b76a852dfbaaaef7f2649ace7ec3eeafc406d23a17acc462ee9daf4
b6b12680ffcced0b7710065218007a04f37943ce040aefb90e8647899ab416cf
b92d1ee8183d9ad85acae01f4f339e0389da0f6d27c46a50d98f7ab9a561a09e
b9699c7d7caba159b921aa73a48d8515ad7f6ae7a6fcc0661b5fddedcd312b93
bc2b8b8c7d4cb3a2752012c714a4f30d7aeb127bd1c8a59bb454c577532457e2
bf9cfe01317e3758dd38982921dc1f26cc7243237d02e7ed90d3830b6f4e8ed0
c024fa9ddbfba81869adaa0b315cf8ff0890b8f6f1dc72f1b41d2f06d76ed58d
c089f0beaca19b580c3baf6e522494d3544a6199cb5dfbab07f47fb7fd04d496
c1eec6939693de2560a7cd2cb9bd833745efddbaa9887d4fa32464c44a3fbd33
c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094
c954075feecc721f36ca03c90ae58b5b2b02728e61f80d442127c75ad9bb3da8
cdc8db1348d3e98b8c046aad48ae1cbd2d2ba504c6529f5aaa59703f435d15a2
ceb98f497993de27b97909a6a6d9f5b73c24c2e252dcf0c2d0dd7d8641244fd4
d6a212d77cc931407ed504848ac535ea11038e77e5302f9296909cceb20c0f9b
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
ddb31822d0a99ce7b4370f5fbae25ed76d0d58a9f8f9b0912cc1fc8156d1e7e4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3615fe430b11a0bbd580c5076d0e5edf562597d8a3e851b1aa61280f8ea3897
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ddabadc56d2a84f67d472f8fa7ec39344b2aaf909d82cc0b418a25353f4045
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
f544428b416caba90a5cf09ad1a4df5c2dda1022ec30979b627edd66ab96b530
f6c68bcc3273f7e0c072aace68798a7beef6e175f32f01dd2b586bcce83477b6

thehgroup.com Open in urlscan Pro 34.135.1.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

71 Requests

100 %HTTPS

44 %IPv6

11 Domains

16 Subdomains

16 IPs

2 Countries

3206 kBTransfer

7452 kBSize

9 Cookies

3 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

thehgroup.com Open in urlscan Pro
34.135.1.19 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

100 %
HTTPS

44 %
IPv6

11
Domains

16
Subdomains

16
IPs

2
Countries

3206 kB
Transfer

7452 kB
Size

9
Cookies

71 HTTP transactions
0 data transactions