greatwatersfinancial.com Open in urlscan Pro
34.168.178.255 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.greatwatersfinancial.com/disclosures
Effective URL:
https://greatwatersfinancial.com/disclosures/
Submission: On December 21 via manual (December 21st 2022, 9:12:10 pm UTC) from US — Scanned from DE

Summary HTTP 55 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 21 domains to perform 55 HTTP transactions. The main IP is 34.168.178.255, located in The Dalles, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is greatwatersfinancial.com.
TLS certificate: Issued by R3 on October 22nd 2022. Valid for: 3 months.

This is the only time greatwatersfinancial.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	34.168.178.255 34.168.178.255	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:400d:803::2008	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:11a... 2a02:26f0:11a::217:9a58	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.65.116 65.9.65.116	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:11a... 2a02:26f0:11a::6867:4832	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.251.208.102 142.251.208.102	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:efcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:81ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:74b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:402... 2a00:1450:4025:401::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5505	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6811:9d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
55	27

12 34.168.178.255 (The Dalles, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 255.178.168.34.bc.googleusercontent.com

www.greatwatersfinancial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
greatwatersfinancial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:11a::217:9a58 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)

js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-65-116.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::6867:4832 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.208.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f6.1e100.net

11898804.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:efcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:81ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:74b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9a (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:9d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	greatwatersfinancial.com 1 redirects www.greatwatersfinancial.com greatwatersfinancial.com	229 KB
6	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4707 forms.hubspot.com — Cisco Umbrella Rank: 3280 app.hubspot.com — Cisco Umbrella Rank: 5599 track.hubspot.com — Cisco Umbrella Rank: 2327	23 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 6856	289 KB
4	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1410 insight.adsrvr.org — Cisco Umbrella Rank: 596	3 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 464 p.typekit.net — Cisco Umbrella Rank: 615	43 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	218 B
3	doubleclick.net 1 redirects 11898804.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 77	1 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	118 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6041 adservice.google.de — Cisco Umbrella Rank: 8549	1 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	102 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3592	848 B
1	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4284	438 B
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3342	3 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4795	25 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2228	63 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4621	21 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2217	20 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	911 B
1	hs-scripts.com js-na1.hs-scripts.com — Cisco Umbrella Rank: 8146	942 B
55	21

	Domain	Requested by
11	greatwatersfinancial.com	greatwatersfinancial.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
3	insight.adsrvr.org	js.adsrvr.org
3	www.facebook.com	greatwatersfinancial.com
3	connect.facebook.net	greatwatersfinancial.com connect.facebook.net
3	use.typekit.net	greatwatersfinancial.com use.typekit.net
2	app.hubspot.com	js.usemessages.com static.hsappstatic.net
2	api.hubspot.com	js.usemessages.com
2	11898804.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	greatwatersfinancial.com
1	track.hubspot.com
1	adservice.google.de	adservice.google.com
1	api.hubapi.com	js.hsadspixel.net
1	adservice.google.com	11898804.fls.doubleclick.net
1	forms.hsforms.com	greatwatersfinancial.com
1	www.google.de	greatwatersfinancial.com
1	www.google.com	greatwatersfinancial.com
1	forms.hubspot.com	js.hscollectedforms.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	js.hsadspixel.net	js-na1.hs-scripts.com
1	js.hscollectedforms.net	js-na1.hs-scripts.com
1	js.hs-banner.com	js-na1.hs-scripts.com
1	js.usemessages.com	js-na1.hs-scripts.com
1	js.hs-analytics.net	js-na1.hs-scripts.com
1	p.typekit.net	use.typekit.net
1	fonts.googleapis.com	greatwatersfinancial.com
1	js.adsrvr.org	greatwatersfinancial.com
1	js-na1.hs-scripts.com	greatwatersfinancial.com
1	www.greatwatersfinancial.com	1 redirects
55	30

This site contains links to these domains. Also see Links.

Domain
web1.zixmail.net
hubs.ly
www.greatwatersfinancial.com

Subject Issuer	Validity	Valid
greatwatersfinancial.com R3	`2022-10-22` - `2023-01-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-30` - `2022-12-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://greatwatersfinancial.com/disclosures/
Frame ID: F5174157C613F1F0909157A524A974AB
Requests: 40 HTTP requests in this frame

Frame: https://11898804.fls.doubleclick.net/activityi;dc_pre=CJPEkonQi_wCFfYaewodEC4NkQ;src=11898804;type=bridge;cat=2022_0;ord=8706419652384;gtm=2wgbu0;auiddc=701268565.1671657125;~oref=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F
Frame ID: 0EF420F3C9A67ED2A0185AA972886883
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BB0EDBEA3259F4A82FE87CFEBF8E20FC
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJPEkonQi_wCFfYaewodEC4NkQ;src=11898804;type=bridge;cat=2022_0;ord=8706419652384;gtm=2wgbu0;auiddc=701268565.1671657125;~oref=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F
Frame ID: DA0221F3B0B0FBCE7931E51331910F2D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJPEkonQi_wCFfYaewodEC4NkQ;src=11898804;type=bridge;cat=2022_0;ord=8706419652384;gtm=2wgbu0;auiddc=701268565.1671657125;~oref=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F
Frame ID: 17D3790F99B914194907CB42B9E997D3
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/4747981/threads/utk/60083e30d38345d4a80b813d4fc020cb?uuid=6d4cc507504942c5ba7f7c662af9c35a&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=greatwatersfinancial.com&inApp53=false&messagesUtk=60083e30d38345d4a80b813d4fc020cb&url=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: A80E5224412DB77D55D7D5D6A732805B
Requests: 7 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=igq0hfv&ref=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F&upid=qnmii13&upv=1.1.0
Frame ID: B432DF1B4094A6C20DC6BACA57766F32
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=igq0hfv&ref=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F&upid=qnmii13&upv=1.1.0
Frame ID: 6410F0FDDC11216484FC2824445AB904
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=igq0hfv&ref=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F&upid=qnmii13&upv=1.1.0
Frame ID: 4AD998C7775C8281380235E5793E4934
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Disclosures | Great Waters Financial

Page URL History Show full URLs

https://www.greatwatersfinancial.com/disclosures HTTP 301
https://greatwatersfinancial.com/disclosures/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

55
Requests

100 %
HTTPS

85 %
IPv6

21
Domains

30
Subdomains

27
IPs

5
Countries

967 kB
Transfer

2872 kB
Size

12
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://web1.zixmail.net/s/e?b=mygreatwaters
Title: Secure Email

Search URL Search Domain Scan URL

URL: https://hubs.ly/Q01cYxJh0
Title: Form CRS

Search URL Search Domain Scan URL

URL: https://www.greatwatersfinancial.com/disclosures
Title: www.greatwatersfinancial.com/disclosures

Search URL Search Domain Scan URL

URL: http://www.greatwatersfinancial.com/disclosures
Title: www.greatwatersfinancial.com/disclosures

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.greatwatersfinancial.com/disclosures HTTP 301
https://greatwatersfinancial.com/disclosures/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://11898804.fls.doubleclick.net/activityi;src=11898804;type=bridge;cat=2022_0;ord=8706419652384;gtm=2wgbu0;auiddc=701268565.1671657125;~oref=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F HTTP 302
https://11898804.fls.doubleclick.net/activityi;dc_pre=CJPEkonQi_wCFfYaewodEC4NkQ;src=11898804;type=bridge;cat=2022_0;ord=8706419652384;gtm=2wgbu0;auiddc=701268565.1671657125;~oref=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
greatwatersfinancial.com/disclosures/
Redirect Chain

https://www.greatwatersfinancial.com/disclosures
https://greatwatersfinancial.com/disclosures/

53 KB
13 KB

759ms
290ms

Document
text/html

34.168.178.255
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://greatwatersfinancial.com/disclosures/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.168.178.255 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 255.178.168.34.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 298a0742b760a8eda29bf2916a7222a1d32c4ccfe8034cc4b33d231f421fb398

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 21 Dec 2022 21:12:04 GMT
link: <https://greatwatersfinancial.com/wp-json/>; rel="https://api.w.org/" <https://greatwatersfinancial.com/wp-json/wp/v2/pages/430>; rel="alternate"; type="application/json" <https://greatwatersfinancial.com/?p=430>; rel=shortlink
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

Redirect headers

cache-control: max-age=600, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 21 Dec 2022 21:12:03 GMT
expires: Wed, 21 Dec 2022 20:49:32 GMT
location: https://greatwatersfinancial.com/disclosures/
server: nginx
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: non200
x-powered-by: WP Engine
x-redirect-by: WordPress

GET
H2 200 classic-themes.min.css
greatwatersfinancial.com/wp-includes/css/ 217 B
366 B 150ms
148ms Stylesheet
text/css 34.168.178.255
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://greatwatersfinancial.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/disclosures/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.168.178.255 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 255.178.168.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/disclosures/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:04 GMT
content-encoding: br
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
server: nginx
etag: W/"6357e86c-d9"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 app.css
greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/dist/ 94 KB
17 KB 157ms
156ms Stylesheet
text/css 34.168.178.255
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/dist/app.css?ver=1667332900
Requested by: Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/disclosures/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.168.178.255 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 255.178.168.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 104ebd1d8b36d7d7132833649ffcf7745c5ce42339a9ac86458d50eee58104ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/disclosures/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:04 GMT
content-encoding: br
last-modified: Tue, 01 Nov 2022 20:01:40 GMT
server: nginx
etag: W/"63617b24-17997"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 109ms
47ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-77929590-1

Requested by

Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/disclosures/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39a56deb898286630bde7f9e30fce874a438944cf55f12137b00f58da2e0fd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43656
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 21 Dec 2022 21:12:05 GMT

GET
H2 200 mpj6ijb.css
use.typekit.net/ 3 KB
965 B 311ms
184ms Stylesheet
text/css 2a02:26f0:11a::217:9a58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/mpj6ijb.css

Requested by

Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/disclosures/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

1b90e1e7593b20231bcfefab4de56261fb3ee73bd7d0362fc6b2b2564b499a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 21 Dec 2022 21:12:04 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 733

GET
H2 200 4747981.js Show response
js-na1.hs-scripts.com/ 2 KB
942 B 165ms
142ms Script
application/javascript 2606:4700::6811:d3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-na1.hs-scripts.com/4747981.js
Requested by: Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/disclosures/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adcb209426e86d288078b9fc437b3cc10300b8480541704ace90c3b0d890dffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:05 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 21 Dec 2022 00:03:12 GMT
server: cloudflare
x-hubspot-correlation-id: 0a1796c4-386b-469f-9d86-aaabe766a4c1
x-trace: 2BEE2CB941AECD90343DE3B5FDBB66F876DF406753000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://greatwatersfinancial.com
cache-control: public, max-age=30
access-control-allow-credentials: true
cf-ray: 77d39d270ba292ba-FRA

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 43ms
7ms Script
application/x-javascript 65.9.65.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/disclosures/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-65-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 15:54:34 GMT
Content-Encoding: gzip
Via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C1
Age: 19051
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: kadcH5JKJccsg7pU6m4y0AWN5lE_ODsxvTm5c2MSJZgm7yzYIGoUuw==

GET
H2 200 manifest.js Show response
greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/dist/ 6 KB
2 KB 157ms
156ms Script
application/javascript 34.168.178.255
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/dist/manifest.js?ver=1667332900
Requested by: Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/disclosures/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.168.178.255 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 255.178.168.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 27b9f3a2cb7e0914b520725262699d7e5ab86997648706a394cc35a14d4fd555

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/disclosures/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:04 GMT
content-encoding: br
last-modified: Tue, 01 Nov 2022 20:01:40 GMT
server: nginx
etag: W/"63617b24-19a3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 vendor.js Show response
greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/dist/ 379 KB
103 KB 244ms
243ms Script
application/javascript 34.168.178.255
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/dist/vendor.js?ver=1667332900
Requested by: Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/disclosures/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.168.178.255 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 255.178.168.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ca125b747fa55c240b15a32ec9b0871321b79b7089a0515cdc3a6a02d20fe89b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/disclosures/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:04 GMT
content-encoding: br
last-modified: Tue, 01 Nov 2022 20:01:40 GMT
server: nginx
etag: W/"63617b24-5ed3d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 app.js Show response
greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/dist/ 24 KB
5 KB 175ms
175ms Script
application/javascript 34.168.178.255
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/dist/app.js?ver=1667332900
Requested by: Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/disclosures/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.168.178.255 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 255.178.168.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6ad427efd09249686c44c82e438f00acd987326151a7b3d6ea3406f90e331112

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/disclosures/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:04 GMT
content-encoding: br
last-modified: Tue, 01 Nov 2022 20:01:40 GMT
server: nginx
etag: W/"63617b24-61d4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-emoji-release.min.js Show response
greatwatersfinancial.com/wp-includes/js/ 18 KB
5 KB 231ms
230ms Script
application/javascript 34.168.178.255
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://greatwatersfinancial.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/disclosures/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.168.178.255 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 255.178.168.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/disclosures/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:05 GMT
content-encoding: br
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
server: nginx
etag: W/"62551487-48b9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
911 B 43ms
18ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Heebo:wght@300;400;500;600;700;800&display=swap

Requested by

Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/dist/app.css?ver=1667332900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90ddf88ef9f25e6d7cce6c62a322ba99f54b5a023233e8b40358fd5010c335cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Dec 2022 21:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 21:12:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Dec 2022 21:12:04 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 56ms
14ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/disclosures/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 21:12:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: JqdCLE0obiJiMJGnZxNHSxZUye1uCZ17+2HV9FJyRUmuqGMIZdhNoW0E5piFUc9s38Zsi2Kc9v8xWEz/reo7uQ==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 163 KB
59 KB 128ms
67ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T57865S

Requested by

Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/disclosures/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

595bf7091c1e195f1a49f35526a81e2cbe48815b863829e30d7a04619d397b38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 60594
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 21 Dec 2022 21:12:05 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 131ms
44ms Stylesheet
text/css 2a02:26f0:11a::6867:4832
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=mpj6ijb&ht=tk&f=37177.37178.37181.37182&a=38270999&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/mpj6ijb.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4832 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:05 GMT
last-modified: Sun, 01 May 2022 15:58:42 GMT
server: nginx
etag: "626eae32-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 750749966358160 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 131ms
131ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/750749966358160?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

40e5c4ffaf8f4f40ac1d073e1607a3dd5e99f9fb9cad74dccc1d920ee20aff7b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 21 Dec 2022 21:12:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: LrkQpesWJfddcC3jZeLUSABrQwQukIHGFFKFSIss0bWDzbj4VTg3RJ/GYv8T5Q09suNG+XnAlsifNFScr+iS4w==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 81ms
12ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-77929590-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 20:27:21 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2684
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 21 Dec 2022 22:27:21 GMT

GET
H2 200 l
use.typekit.net/af/ca0a63/00000000000000007735c456/30/ 21 KB
21 KB 53ms
15ms Font
application/font-woff2 2a02:26f0:11a::217:9a58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ca0a63/00000000000000007735c456/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/mpj6ijb.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9f5c988eedba6e165817d8a97af3e5ffec78a9713c6ddc1ee8796d32de1306df

Request headers

Referer: https://use.typekit.net/mpj6ijb.css
Origin: https://greatwatersfinancial.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:05 GMT
server: nginx
etag: "9127b5bb6f61be511ef309ddbc36e56fa29b5d19"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 21192

GET
H2 200 Generator-Regular.woff2
greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/assets/fonts/ 21 KB
22 KB 168ms
166ms Font
font/woff2 34.168.178.255
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/assets/fonts/Generator-Regular.woff2
Requested by: Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/dist/app.css?ver=1667332900
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.168.178.255 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 255.178.168.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d2f147e925fd2c81ac686729c9591d478bec63d4d1c730350ee3da6c2726b3b0

Request headers

Referer: https://greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/dist/app.css?ver=1667332900
Origin: https://greatwatersfinancial.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:05 GMT
last-modified: Tue, 01 Nov 2022 20:01:40 GMT
server: nginx
etag: "63617b24-551c"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 21788

GET
H2 200 Generator-Black.woff2
greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/assets/fonts/ 20 KB
20 KB 184ms
182ms Font
font/woff2 34.168.178.255
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/assets/fonts/Generator-Black.woff2
Requested by: Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/dist/app.css?ver=1667332900
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.168.178.255 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 255.178.168.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b0f60e1ac988aa46b6e50a5bcfe37dbb32c8c21c526ac3339f58b28bf7d7effc

Request headers

Referer: https://greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/dist/app.css?ver=1667332900
Origin: https://greatwatersfinancial.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:05 GMT
last-modified: Tue, 01 Nov 2022 20:01:40 GMT
server: nginx
etag: "63617b24-50d8"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20696

GET
H2 200 l
use.typekit.net/af/857ae9/00000000000000007735c460/30/ 21 KB
21 KB 23ms
13ms Font
application/font-woff2 2a02:26f0:11a::217:9a58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/857ae9/00000000000000007735c460/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/mpj6ijb.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a676b867970d7dd24170f329faf9a30535ae8a983b2a94b1b4b083add085374c

Request headers

Referer: https://use.typekit.net/mpj6ijb.css
Origin: https://greatwatersfinancial.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:05 GMT
server: nginx
etag: "d1ce55059493e397805699ef26f0df9e16d51f62"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 21536

GET
H2 200 Generator-SemiBold.woff2
greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/assets/fonts/ 21 KB
21 KB 201ms
199ms Font
font/woff2 34.168.178.255
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/assets/fonts/Generator-SemiBold.woff2
Requested by: Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/dist/app.css?ver=1667332900
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.168.178.255 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 255.178.168.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a30350ab8063aea51478f71680615e360c3bc9e5dd541eb9746e8f69697d851e

Request headers

Referer: https://greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/dist/app.css?ver=1667332900
Origin: https://greatwatersfinancial.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:05 GMT
last-modified: Tue, 01 Nov 2022 20:01:40 GMT
server: nginx
etag: "63617b24-5430"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 21552

GET
H2 200 Generator-UltraBold.woff2
greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/assets/fonts/ 21 KB
21 KB 213ms
213ms Font
font/woff2 34.168.178.255
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/assets/fonts/Generator-UltraBold.woff2
Requested by: Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/dist/app.css?ver=1667332900
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.168.178.255 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 255.178.168.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 825a77edb9b391dd324c1ca38db7be374f1f0ecb248d647cee48bed74f5a0407

Request headers

Referer: https://greatwatersfinancial.com/wp-content/themes/greatwaterfinancial/dist/app.css?ver=1667332900
Origin: https://greatwatersfinancial.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:05 GMT
last-modified: Tue, 01 Nov 2022 20:01:40 GMT
server: nginx
etag: "63617b24-53ec"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 21484

GET
H3

200

activityi;dc_pre=CJPEkonQi_wCFfYaewodEC4NkQ;src=11898804;type=bridge;cat=2022_0;ord=8706419652384;gtm=2wgbu0;auiddc=701268565.1671657125;~oref=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F Show response
11898804.fls.doubleclick.net/ Frame 0EF4
Redirect Chain

https://11898804.fls.doubleclick.net/activityi;src=11898804;type=bridge;cat=2022_0;ord=8706419652384;gtm=2wgbu0;auiddc=701268565.1671657125;~oref=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosure...
https://11898804.fls.doubleclick.net/activityi;dc_pre=CJPEkonQi_wCFfYaewodEC4NkQ;src=11898804;type=bridge;cat=2022_0;ord=8706419652384;gtm=2wgbu0;auiddc=701268565.1671657125;~oref=https%3A%2F%2Fgre...

503 B
293 B

97ms
56ms

Document
text/html

142.251.208.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11898804.fls.doubleclick.net/activityi;dc_pre=CJPEkonQi_wCFfYaewodEC4NkQ;src=11898804;type=bridge;cat=2022_0;ord=8706419652384;gtm=2wgbu0;auiddc=701268565.1671657125;~oref=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T57865S

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f6.1e100.net

Software

cafe /

Resource Hash

2b94d98d02a4d8c065446c1708c0c6ec6b368cd9e92bbcaad7350b60de183146

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greatwatersfinancial.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 268
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 21:12:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 21:12:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11898804.fls.doubleclick.net/activityi;dc_pre=CJPEkonQi_wCFfYaewodEC4NkQ;src=11898804;type=bridge;cat=2022_0;ord=8706419652384;gtm=2wgbu0;auiddc=701268565.1671657125;~oref=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4747981.js Show response
js.hs-analytics.net/analytics/1671657000000/ 64 KB
20 KB 205ms
174ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1671657000000/4747981.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/4747981.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6e45651fdab276f1cd79ae750fc1a7a6a683db0f34dc70443f3ba2c8510bc90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:05 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: G3VHM0703FEABGFZ
x-amz-server-side-encryption: AES256
x-amz-id-2: ohbNLwnxwftx7o1Tco+B5ZXdPwSLXw9nw2Z91GFSj58fWtpiZz/h5RrAWen9cp7zRvtw/4RIUds=
last-modified: Thu, 01 Dec 2022 14:13:44 GMT
server: cloudflare
etag: W/"ee202a353c11d068bb0ea8a0ab9dd5c2"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 77d39d285fc89b74-FRA
expires: Wed, 21 Dec 2022 21:17:05 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 73 KB
21 KB 57ms
32ms Script
application/javascript 2606:4700::6811:efcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/4747981.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 334a6d48dbf977a8fbbfc672583baf269d13c3debeaa377e8c5a9cf292391ae0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:05 GMT
x-amz-version-id: zFL9ePVKol2FHiQyTIIp8GqFQtgXkdvq
via: 1.1 9dc566ff42777d2cad8483451738f334.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 192
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.11564/bundles/project.js&cfRay=77d398780e829199-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Dec 2022 07:38:59 UTC
server: cloudflare
etag: W/"3f8937b5e0033972ae4f0d4dcf06cffa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 77d39d284d489bc4-FRA
x-amz-cf-id: 45RiRRdIIQU5kbe1V324b8dwz9wolozR3thiHA2wB4nIIrL8cFc90w==
x-hs-target-asset: conversations-embed/static-1.11564/bundles/project.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/4747981/ 202 KB
63 KB 712ms
688ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/4747981/banner.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/4747981.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7dacc1c7bee40ffc7f9087843d28bde4825a2eb2adc9f49d13463a2c3175147

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:05 GMT
x-amz-version-id: lBewKX6.vDb3ibbdI1aPPVu6idCFLwOd
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: G3VV354HA6YKNE1B
x-amz-server-side-encryption: AES256
x-amz-id-2: a6cioCj0ktfNrpdhRRv7l+gi74SfQHukisR75PrSGAQ6auoppObV20O/JNB24WK9fGxa3xtLFbbbEuKNiZsTNw==
last-modified: Thu, 08 Dec 2022 21:10:07 GMT
server: cloudflare
etag: W/"7596b2baf0dc21c909f98da61ed707b6"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://greatwatersfinancial.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 77d39d285bd8bbdd-FRA
expires: Wed, 21 Dec 2022 21:17:05 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 68 KB
25 KB 173ms
125ms Script
application/javascript 2606:4700::6811:81ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/4747981.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3999cf864b43937c278afeae5b60b6db69bb234d5641202c9e7a2385029aa3b7

Request headers

Referer: https://greatwatersfinancial.com/
Origin: https://greatwatersfinancial.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:05 GMT
x-amz-version-id: SN4HXBautbT5xHa4DdPckLpyluwLE8QR
via: 1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.312/bundles/project.js&cfRay=77d39d287be65c50-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Dec 2022 02:49:13 UTC
server: cloudflare
etag: W/"349cabd549e2249f8fb6ac3ac6f08e00"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 77d39d287be65c50-FRA
x-amz-cf-id: mDp4ULBK7QeAOPaKIsT9TLrGnpsVwOAvAOsADixHHnJqRxWGMld6YA==
x-hs-target-asset: collected-forms-embed-js/static-1.312/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 44ms
19ms Script
application/javascript 2606:4700::6811:74b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/4747981.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:74b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 923f82635a75547c368b300c684da5f5f36164446310142d67c520c18d1b8f3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:05 GMT
x-amz-version-id: uc7chkM909y9_fdLpHcf_jlYEUuyZ4oj
via: 1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 466
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.303/bundles/pixels-release.js&cfRay=77d391c759cc8fee-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Dec 2022 06:51:27 UTC
server: cloudflare
etag: W/"cac538694d8cb071669002abe101c1fa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 77d39d284becbb91-FRA
x-amz-cf-id: -c97PIZGPAnYj18FcOV7JuGimmCsKUDw-cy41c7T3KXaB1dP98m4bA==
x-hs-target-asset: adsscriptloaderstatic/static-1.303/bundles/pixels-release.js

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 34ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=750749966358160&ev=PageView&dl=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F&rl=&if=false&ts=1671657125190&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1671657125189.2057320772&it=1671657125019&coo=false&rqm=GET

Requested by

Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/disclosures/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 21 Dec 2022 21:12:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 84ms
42ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=871810974&t=pageview&_s=1&dl=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F&ul=en-us&de=UTF-8&dt=Disclosures%20%7C%20Great%20Waters%20Financial&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=1864061164&gjid=754622432&cid=1555045157.1671657125&tid=UA-77929590-1&_gid=542120068.1671657125&_r=1&gtm=2oubu0&did=dZTNiMT&gdid=dZTNiMT&z=1192490297

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://greatwatersfinancial.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 21:12:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://greatwatersfinancial.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 197ms
168ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=4747981&conversations-embed=static-1.11564&mobile=false&messagesUtk=60083e30d38345d4a80b813d4fc020cb&traceId=60083e30d38345d4a80b813d4fc020cb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://greatwatersfinancial.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://greatwatersfinancial.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77d39d28dd2691e9-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Wed, 21 Dec 2022 21:12:05 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFEyMupu%2Fi5wHXtIIkeavu6xO7guENHkP0P%2FbzH%2BWSdlYfwLNuHYE7EaAuL9AlH%2BxeZSfR5zuef%2Fce3ib5g6RJZza4MRywenMtGoKAhJMJBRiHJZj1%2F4FzMGbb2cF7tiesMB6fy9r6MQ0xKclQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 5beded6f-4b04-44dc-9433-550add49fef1
x-trace: 2BF38086419105359722AC552250430A1611D10208000000000000000000

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 544ms
535ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b623ac8958e64fe5b4934a0de93015a8862c6c7805bcaca281b469263a212666

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://greatwatersfinancial.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://greatwatersfinancial.com/disclosures/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 5edd8a86-4803-40b9-abf9-37818d7279da
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1465
server: cloudflare
x-trace: 2B5C5CB18A0D2866B8A682716BE7C9096C651B84BE000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://greatwatersfinancial.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dspj9trOMzpUZ1lt8OaGVVjvsigvgXWInmfMCmQobX%2BcKb%2BG4NcjTEIPPeN7a578zXLh19ufMkzpeoSW2fNa7O5fkaUV4HlUBTot%2BOVkWRr41G%2FSeIa5yT6F3eSs0R%2BQ%2FkvHla%2B2gn76VmYPfw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 77d39d29fb989bef-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
448 B 66ms
20ms XHR
text/plain 2a00:1450:4025:401::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-77929590-1&cid=1555045157.1671657125&jid=1864061164&gjid=754622432&_gid=542120068.1671657125&_u=YGBACUAABAAAACAAI~&z=1893635942

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://greatwatersfinancial.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 21 Dec 2022 21:12:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://greatwatersfinancial.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
680 B 156ms
141ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=4747981&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

582dd73461848a955036e89cc81251b07c9da2e03a90fbc58bdf6f298d5f4817

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://greatwatersfinancial.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 79ffd9a2-9b04-4a95-ada1-87e03308eaed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://greatwatersfinancial.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWdi1vtjZrgYAngpZa7EYgiJ9XJjKBPZqqN%2F7ZzljTH%2F6WkEoZE2L7yVut9JxC4VbtuQsVoCwJGcFbMKW6u1HMf7oZqtnbd5%2Fy15iMLsmqwYB5XtdQUrQ7kVbLWSV0v5v6t5iBSSG7kq4pxtblTz"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 77d39d298e6f91e9-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 467ms
57ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-77929590-1&cid=1555045157.1671657125&jid=1864061164&_u=YGBACUAABAAAACAAI~&z=1471301910

Requested by

Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/disclosures/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 21:12:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 442ms
33ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-77929590-1&cid=1555045157.1671657125&jid=1864061164&_u=YGBACUAABAAAACAAI~&z=1471301910

Requested by

Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/disclosures/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 21:12:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
438 B 225ms
149ms Image
image/gif 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/disclosures/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: c348bc12-6366-463a-9e22-6011a6694650
x-trace: 2B410364FCAB1ACCAF77612AF414BF07F03DD42A76000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 77d39d2c1e3992b7-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 / Show response
www.facebook.com/tr/ Frame BB0E 0
18 B 21ms
10ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: greatwatersfinancial.com
URL: https://greatwatersfinancial.com/disclosures/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://greatwatersfinancial.com
Referer: https://greatwatersfinancial.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://greatwatersfinancial.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 21:12:05 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 dc_pre=CJPEkonQi_wCFfYaewodEC4NkQ;src=11898804;type=bridge;cat=2022_0;ord=8706419652384;gtm=2wgbu0;auiddc=701268565.1671657125;~oref=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F Show response
adservice.google.com/ddm/fls/i/ Frame DA02 502 B
739 B 70ms
44ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJPEkonQi_wCFfYaewodEC4NkQ;src=11898804;type=bridge;cat=2022_0;ord=8706419652384;gtm=2wgbu0;auiddc=701268565.1671657125;~oref=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F

Requested by

Host: 11898804.fls.doubleclick.net
URL: https://11898804.fls.doubleclick.net/activityi;dc_pre=CJPEkonQi_wCFfYaewodEC4NkQ;src=11898804;type=bridge;cat=2022_0;ord=8706419652384;gtm=2wgbu0;auiddc=701268565.1671657125;~oref=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

858894f5c0adc798ab38b1d6be7bf82e9e4108155d9babd109f36c024cd400fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11898804.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 272
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 21:12:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 75 B
848 B 161ms
141ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=4747981

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f96f0b89bfd894d4df17aa3caa771d692ec42c303d0908cbf935cf7d59559e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 0f4f246c-a0ce-42e5-bf11-050c80d98624
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B260521C88C8716A9F59E9F96BFC8448269DC763C000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://greatwatersfinancial.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11Z3WMe13fITvkgVLiDkz1Hw1ObU%2FtFakPn7FlZa69DUwoc5zpJL8EBshR7V41UxCxXIhiOqXALaA7EhCRCYM9E0D%2BJmOiNYs60weL88qGF3S1%2B8XdVRKSlf4%2FGHcUIbrzKdAPSvnjRB5mrc"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cf-ray: 77d39d2cdca79299-FRA
access-control-allow-headers: *

GET
H2 200 dc_pre=CJPEkonQi_wCFfYaewodEC4NkQ;src=11898804;type=bridge;cat=2022_0;ord=8706419652384;gtm=2wgbu0;auiddc=701268565.1671657125;~oref=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F Show response
adservice.google.de/ddm/fls/i/ Frame 17D3 194 B
776 B 227ms
45ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CJPEkonQi_wCFfYaewodEC4NkQ;src=11898804;type=bridge;cat=2022_0;ord=8706419652384;gtm=2wgbu0;auiddc=701268565.1671657125;~oref=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJPEkonQi_wCFfYaewodEC4NkQ;src=11898804;type=bridge;cat=2022_0;ord=8706419652384;gtm=2wgbu0;auiddc=701268565.1671657125;~oref=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 21:12:06 GMT
expires: Wed, 21 Dec 2022 21:12:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 60083e30d38345d4a80b813d4fc020cb Show response
app.hubspot.com/conversations-visitor/4747981/threads/utk/ Frame A80E 51 KB
19 KB 375ms
334ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/4747981/threads/utk/60083e30d38345d4a80b813d4fc020cb?uuid=6d4cc507504942c5ba7f7c662af9c35a&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=greatwatersfinancial.com&inApp53=false&messagesUtk=60083e30d38345d4a80b813d4fc020cb&url=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be4183a2d536b885d553c40a1019ecb95a9ac5f70614c0c3613228c75b9e952a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://greatwatersfinancial.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 1900
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 77d39d2dcb309bce-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.14016/html/index.html&cfRay=77d39d2dcb309bce&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F4747981%2Fthreads%2Futk%2F60083e30d38345d4a80b813d4fc020cb%3Fuuid%3D6d4cc507504942c5ba7f7c662af9c35a%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dgreatwatersfinancial.com%26inApp53%3Dfalse%26messagesUtk%3D60083e30d38345d4a80b813d4fc020cb%26url%3Dhttps%253A%252F%252Fgreatwatersfinancial.com%252Fdisclosures%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fgreatwatersfinancial.com%2F&cfenv=prod&pdt=2022-12-21&csp=ro
content-type: text/html; charset=utf-8
date: Wed, 21 Dec 2022 21:12:06 GMT
etag: W/"5f080c549f8437ecb0e4beb10a8fdb96"
last-modified: Tue, 13 Dec 2022 07:38:59 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
reporting-endpoints: default="https://exceptions.hubspot.com/csp/reports?cfRay=77d39d2dcb309bce&resource=conversations-visitor-ui/static-1.14016/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
x-amz-cf-id: f3lEqKxJvGh_EMNA-eAkN3cNsq7u6ffdei-dwreP5kys95BSSHqzOw==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: YSNPE3zUYj3dMXXqe1cCrPPL5YxQyJ0G
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.14016/html/index.html
x-hs-worker-debug-mode: false

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.245/ Frame A80E 44 KB
16 KB 73ms
49ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.245/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/4747981/threads/utk/60083e30d38345d4a80b813d4fc020cb?uuid=6d4cc507504942c5ba7f7c662af9c35a&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=greatwatersfinancial.com&inApp53=false&messagesUtk=60083e30d38345d4a80b813d4fc020cb&url=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5876c2096fc247c54eb08226f1e290b4127c7843c41003ec42041bc9cb3ec022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:06 GMT
x-amz-version-id: cXTDvGuwbPuMrVAW0W63IbeHNqDKyRYR
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 1388688
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Nov 2022 16:12:00 GMT
server: cloudflare
etag: W/"d0d928e20b2bebe8d43d510597af50e3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3ZZNlo4HmwD0sDx0wfNNjqR%2FjKqJSvLqhu1Usb0QyvPe22MGddhUUkabsuDwqwjUlXa4tz%2BqL4ln2tj0mzOoSjJxq086Rz3Jhin6fTWlTRJAIQ1eJwgyViZ4KDN9MDwneQaiMYgvXAWTlqAnf9G27U8Ic4%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 77d39d2fedc7bb79-FRA
x-amz-cf-id: rg6pBGl6ZbPrvTzuKeRO0jYum8DS5k-t1cVHsWLM_H6xLJKDtdqdEg==
expires: Thu, 21 Dec 2023 21:12:06 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.13884/sass/ Frame A80E 20 KB
4 KB 74ms
51ms Stylesheet
text/css 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.13884/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b7bd1989f03f297ee3eb31e02148f3b00de8752e57edf8820d9e4d6efd223a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:06 GMT
x-amz-version-id: hYgqjzdqx6QyhZH807FkloiLc0TGhAXY
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 1994719
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Nov 2022 19:04:10 GMT
server: cloudflare
etag: W/"0e729a3fa047d67852c356071b611db3"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQGIn24McPn3eatOBdkwnQ7rqo%2FME0C3z72BgJjbauIKuB4y9%2FJvMU0iv8ccV9kZvCU%2BD6DDC95sgGLbnboyYXmxmP2o5b2FUzRXQ7QzCbJi%2BNzC0M4%2F2KnjusmqilOnVtbbY6WkUCFMqEZcCWVrzAjQww8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 77d39d2fe9259b57-FRA
x-amz-cf-id: WMhmsun7-RKJzaMyPH9__6yxHP2m8oOsv3srJWoTkLT2jHx8512CHw==
expires: Thu, 21 Dec 2023 21:12:06 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.332/ Frame A80E 295 KB
95 KB 51ms
30ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.332/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0690400723e03c32d39e4cd16927f0698eb86effbb015b62b574ab0f3380dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:06 GMT
x-amz-version-id: 5fbvyIgmgfc2EQptzTy6EeP9FKqExCxl
via: 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: DUS51-P2
age: 1214062
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 09 Nov 2022 18:32:01 GMT
server: cloudflare
etag: W/"d9e371a943207738b889e588b0560980"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ja3UwDBn56U7pxRov38dtjJiCH7Sed6tozpFQsZ4ikkm2yznLu%2BoI2ieZmbRIK3OVuG77AkpSGzNb5qqPz5Ed0f0aUlfb1WexM6IlHfD%2BF59BkfYMP%2BqZdRas%2BjPtbet8bGxn8TzY2hY%2BUX0AFMUt3neTV4%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 77d39d2fedcdbb79-FRA
x-amz-cf-id: EwxqMXGzAqeHWAzoSYDGNwr1D1_Y2wz34j4cMR4yxnfUfhBWWBxU6Q==
expires: Thu, 21 Dec 2023 21:12:06 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.14016/bundles/ Frame A80E 587 KB
173 KB 59ms
39ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.14016/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48f51049cdd08297abbda5d1fcbda5b06d271e790919e798c9855a1759e60e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:06 GMT
x-amz-version-id: vUhUT370SWrRv6puTlWERgGVif4lytZl
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 696771
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 13 Dec 2022 19:13:14 GMT
server: cloudflare
etag: W/"395556906df4b75c6fcd3aea08aa9765"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrylisH%2BktCp0rmn690t3WfBuhj5iMaLFqjdodeb1sEvRH72zx7JlxnPggMJnTzANfg%2FPfSLBC7E37QNVnT7i5%2BbMudbX8iqmubZvg4BxcekWqaR6PRzFVTcp%2BFzpwwCCYi8N%2FnYQYG5GgytQOxE%2B9CJxkk%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 77d39d2fedd2bb79-FRA
x-amz-cf-id: lvC7qH3QTMXBTovISvrOBulsDM5ELU42UUw2pj-KSCB5bvD_J9Lehw==
expires: Thu, 21 Dec 2023 21:12:06 GMT

GET
H3 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.13999/ Frame A80E 776 B
1 KB 58ms
38ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.13999/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.14016/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df64d64810052218d1c083e1bcf45e4fae2f972879a0928b81b8bfe4fd8c27d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:06 GMT
x-amz-version-id: H95IoIXm8BglMNCwpDfkD_PTva4.Qjnp
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 696771
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 12 Dec 2022 22:36:55 GMT
server: cloudflare
etag: W/"ffc83dec8d5478899f21f43c06da8205"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75JuiUO5mOiEU97w1kOVryOuANdY86LZyLKzr%2BLGCGLavD525jIDtvjJtLt6EXI6sPAywJzwIRb837TPIW25NCYnmeUfeksoWSJOr33dh9qK35A2bL3BuBJRfutHcURgLu9uwpBFmOwbK0Lfj9S0x8bQN5M%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 77d39d30e8985c85-FRA
x-amz-cf-id: 17f6nXHd402l2sfM3MiCkW3Kz87Qn7ejEetPNQfapPsLgUmHjyJUqA==
expires: Thu, 21 Dec 2023 21:12:06 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame B432 0
181 B 131ms
57ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=igq0hfv&ref=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F&upid=qnmii13&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://greatwatersfinancial.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Wed, 21 Dec 2022 21:12:06 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 6410 0
182 B 108ms
35ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=igq0hfv&ref=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F&upid=qnmii13&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://greatwatersfinancial.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Wed, 21 Dec 2022 21:12:06 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 4AD9 0
181 B 129ms
56ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=igq0hfv&ref=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F&upid=qnmii13&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://greatwatersfinancial.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Wed, 21 Dec 2022 21:12:06 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H3 200 1383837205008403 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 85ms
85ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1383837205008403?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

004935c0a304f4a389b7e62e2ace462868617fba8522e345bc74268e2e3ac2d2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 21 Dec 2022 21:12:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: MGJ0XEHF0VpLdxHoxDKHjio/N0LG9RnKD441mzNAmbKwu2F72jrPayijLCUqbZ3Ca9S5Cl+gsQmHEXUP0pwkdQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
513 B 155ms
155ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3792703849&v=1.1&a=4747981&rcu=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F&pu=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F&t=Disclosures+%7C+Great+Waters+Financial&cts=1671657126613&vi=311db6eef874057da13aa7f5ea9a095f&nc=true&u=151329766.311db6eef874057da13aa7f5ea9a095f.1671657126609.1671657126609.1671657126609.1&b=151329766.1.1671657126609&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 21:12:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f15a01fa-929c-4c3f-8f1d-5488443c1f88
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K23Ja9TO1kKmzj%2B8lL3EaANKaxq7PpKXceZ0%2FR766xGGxkaU3p9nfKFWB0nsSEim0bVPwvJm0Q1%2FEER05zeQHI35uQIOPHsqeTqNHpJfzLFAWK5vXqal9Y9fMvERKbZ38%2BZwxXnbdKg90n4oMwgg"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 77d39d315bc79bce-FRA
x-robots-tag: none

POST
H3 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame A80E 0
1 KB 208ms
194ms Ping
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.14016

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.14016/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/conversations-visitor/4747981/threads/utk/60083e30d38345d4a80b813d4fc020cb?uuid=6d4cc507504942c5ba7f7c662af9c35a&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=greatwatersfinancial.com&inApp53=false&messagesUtk=60083e30d38345d4a80b813d4fc020cb&url=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 21 Dec 2022 21:12:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: d377d191-3964-4e44-a6b1-a7ec250eb137
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLun6rCEubKQ5ANth6v0nqw3StS9lOhPhWypGIKVt4xRSxegynJxD5L9ugb8PFpaJQL5SyYP3X1ZCQM%2FqclphdQ5gTe1wz2EevODr%2Bah8EpSdCU2F0q4x%2BAvKZfqxDZniv1I7I12VnofIu27Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet, X-HubSpot-Auth-Failure
access-control-max-age: 604800
access-control-allow-credentials: true
cf-ray: 77d39d31895fbbdd-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer
timing-allow-origin: *

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1383837205008403&ev=PageView&dl=https%3A%2F%2Fgreatwatersfinancial.com%2Fdisclosures%2F&rl=&if=false&ts=1671657126703&sw=1600&sh=1200&ud[external_id]=311db6eef874057da13aa7f5ea9a095f&v=2.9.90&r=stable&ec=0&o=28&fbp=fb.1.1671657125189.2057320772&it=1671657125019&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatwatersfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 21 Dec 2022 21:12:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.greatwatersfinancial.com/	1970-01-20 10:30:33	Name: _gcl_au Value: 1.1.701268565.1671657125
.greatwatersfinancial.com/	1970-01-20 10:30:33	Name: _fbp Value: fb.1.1671657125189.2057320772
.greatwatersfinancial.com/	1970-01-20 17:56:57	Name: _ga Value: GA1.2.1555045157.1671657125
.greatwatersfinancial.com/	1970-01-20 08:22:23	Name: _gid Value: GA1.2.542120068.1671657125
.greatwatersfinancial.com/	1970-01-20 08:20:57	Name: _gat_gtag_UA_77929590_1 Value: 1
.doubleclick.net/	1970-01-20 08:20:58	Name: test_cookie Value: CheckForPermission
.hubspot.com/	1970-01-20 08:20:58	Name: __cf_bm Value: OzowBgU6xjsL.ZvxzuaVOwEnDNINXJ709ITyneHdQCE-1671657126-0-AdJ0Dao8q08mutXtBqwr7I506VMGq85q7wHylbRRrr1DrDYwl4FZ5wjUIBuwFcU3yHbqORn89Ed8vzQ1FCrrWao=
.greatwatersfinancial.com/	1970-01-20 12:40:09	Name: __hstc Value: 151329766.311db6eef874057da13aa7f5ea9a095f.1671657126609.1671657126609.1671657126609.1
.greatwatersfinancial.com/	1970-01-20 12:40:09	Name: hubspotutk Value: 311db6eef874057da13aa7f5ea9a095f
.greatwatersfinancial.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.greatwatersfinancial.com/	1970-01-20 08:20:58	Name: __hssc Value: 151329766.1.1671657126609
.greatwatersfinancial.com/	1970-01-20 12:40:09	Name: messagesUtk Value: 60083e30d38345d4a80b813d4fc020cb

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11898804.fls.doubleclick.net
adservice.google.com
adservice.google.de
api.hubapi.com
api.hubspot.com
app.hubspot.com
connect.facebook.net
fonts.googleapis.com
forms.hsforms.com
forms.hubspot.com
greatwatersfinancial.com
insight.adsrvr.org
js-na1.hs-scripts.com
js.adsrvr.org
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.usemessages.com
p.typekit.net
static.hsappstatic.net
stats.g.doubleclick.net
track.hubspot.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.greatwatersfinancial.com
142.251.208.102
2606:4700:4400::6812:21ab
2606:4700::6810:5505
2606:4700::6811:44b0
2606:4700::6811:74b0
2606:4700::6811:81ab
2606:4700::6811:9d2
2606:4700::6811:cbcc
2606:4700::6811:d3cc
2606:4700::6811:efcc
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:806::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:830::2002
2a00:1450:400d:803::2008
2a00:1450:400d:806::200e
2a00:1450:400d:80a::2004
2a00:1450:4025:401::9a
2a02:26f0:11a::217:9a58
2a02:26f0:11a::6867:4832
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f11c:8183:face:b00c:0:25de
34.168.178.255
35.71.131.137
65.9.65.116
004935c0a304f4a389b7e62e2ace462868617fba8522e345bc74268e2e3ac2d2
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
104ebd1d8b36d7d7132833649ffcf7745c5ce42339a9ac86458d50eee58104ea
1b90e1e7593b20231bcfefab4de56261fb3ee73bd7d0362fc6b2b2564b499a3d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
27b9f3a2cb7e0914b520725262699d7e5ab86997648706a394cc35a14d4fd555
298a0742b760a8eda29bf2916a7222a1d32c4ccfe8034cc4b33d231f421fb398
2b94d98d02a4d8c065446c1708c0c6ec6b368cd9e92bbcaad7350b60de183146
334a6d48dbf977a8fbbfc672583baf269d13c3debeaa377e8c5a9cf292391ae0
3999cf864b43937c278afeae5b60b6db69bb234d5641202c9e7a2385029aa3b7
39a56deb898286630bde7f9e30fce874a438944cf55f12137b00f58da2e0fd7f
40e5c4ffaf8f4f40ac1d073e1607a3dd5e99f9fb9cad74dccc1d920ee20aff7b
48f51049cdd08297abbda5d1fcbda5b06d271e790919e798c9855a1759e60e9f
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
582dd73461848a955036e89cc81251b07c9da2e03a90fbc58bdf6f298d5f4817
5876c2096fc247c54eb08226f1e290b4127c7843c41003ec42041bc9cb3ec022
595bf7091c1e195f1a49f35526a81e2cbe48815b863829e30d7a04619d397b38
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
6ad427efd09249686c44c82e438f00acd987326151a7b3d6ea3406f90e331112
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b7bd1989f03f297ee3eb31e02148f3b00de8752e57edf8820d9e4d6efd223a5
825a77edb9b391dd324c1ca38db7be374f1f0ecb248d647cee48bed74f5a0407
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
858894f5c0adc798ab38b1d6be7bf82e9e4108155d9babd109f36c024cd400fa
90ddf88ef9f25e6d7cce6c62a322ba99f54b5a023233e8b40358fd5010c335cd
923f82635a75547c368b300c684da5f5f36164446310142d67c520c18d1b8f3d
9f5c988eedba6e165817d8a97af3e5ffec78a9713c6ddc1ee8796d32de1306df
a30350ab8063aea51478f71680615e360c3bc9e5dd541eb9746e8f69697d851e
a676b867970d7dd24170f329faf9a30535ae8a983b2a94b1b4b083add085374c
adcb209426e86d288078b9fc437b3cc10300b8480541704ace90c3b0d890dffe
b0f60e1ac988aa46b6e50a5bcfe37dbb32c8c21c526ac3339f58b28bf7d7effc
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b623ac8958e64fe5b4934a0de93015a8862c6c7805bcaca281b469263a212666
b7dacc1c7bee40ffc7f9087843d28bde4825a2eb2adc9f49d13463a2c3175147
be4183a2d536b885d553c40a1019ecb95a9ac5f70614c0c3613228c75b9e952a
ca125b747fa55c240b15a32ec9b0871321b79b7089a0515cdc3a6a02d20fe89b
d2f147e925fd2c81ac686729c9591d478bec63d4d1c730350ee3da6c2726b3b0
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df64d64810052218d1c083e1bcf45e4fae2f972879a0928b81b8bfe4fd8c27d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e45651fdab276f1cd79ae750fc1a7a6a683db0f34dc70443f3ba2c8510bc90
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0690400723e03c32d39e4cd16927f0698eb86effbb015b62b574ab0f3380dbf
f96f0b89bfd894d4df17aa3caa771d692ec42c303d0908cbf935cf7d59559e29

greatwatersfinancial.com Open in urlscan Pro 34.168.178.255 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

100 %HTTPS

85 %IPv6

21 Domains

30 Subdomains

27 IPs

5 Countries

967 kBTransfer

2872 kBSize

12 Cookies

4 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

greatwatersfinancial.com Open in urlscan Pro
34.168.178.255 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

100 %
HTTPS

85 %
IPv6

21
Domains

30
Subdomains

27
IPs

5
Countries

967 kB
Transfer

2872 kB
Size

12
Cookies

55 HTTP transactions
0 data transactions