nationalinvestmentguide.com Open in urlscan Pro
209.170.211.187 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nationalinvestmentguide.com/
Effective URL:
https://nationalinvestmentguide.com/
Submission: On January 12 via manual (January 12th 2021, 4:40:39 pm UTC) from GB

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 13 domains to perform 48 HTTP transactions. The main IP is 209.170.211.187, located in Venice, United States and belongs to ASN-VINS, US. The main domain is nationalinvestmentguide.com.
TLS certificate: Issued by R3 on December 6th 2020. Valid for: 3 months.

This is the only time nationalinvestmentguide.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	209.170.211.187 209.170.211.187	13649 (ASN-VINS) (ASN-VINS)
20	104.16.20.19 104.16.20.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	51.254.217.169 51.254.217.169	16276 (OVH) (OVH)
3	35.177.168.187 35.177.168.187	16509 (AMAZON-02) (AMAZON-02)
1	209.170.211.179 209.170.211.179	13649 (ASN-VINS) (ASN-VINS)
48	14

2 209.170.211.187 (Venice, United States) 1 redirects

ASN13649 (ASN-VINS, US)

nationalinvestmentguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.16.20.19 (United States)

ASN13335 (CLOUDFLARENET, US)

optassets.ontraport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.ontraport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.ontraport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::4 (Germany)

ASN60068 (CDN77 (^_^)/, GB)

rec.smartlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.254.217.169 (France)

ASN16276 (OVH, FR)
PTR: 169.ip-51-254-217.eu

www.addpeople.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.177.168.187 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-168-187.eu-west-2.compute.amazonaws.com

ruler.nyltx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.nyltx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.170.211.179 (Venice, United States)

ASN13649 (ASN-VINS, US)
PTR: mail9.ontramail.com

jeeves.ontraport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	ontraport.com optassets.ontraport.com app.ontraport.com i.ontraport.com jeeves.ontraport.com	754 KB
9	gstatic.com fonts.gstatic.com	180 KB
3	nyltx.com ruler.nyltx.com analytics.nyltx.com	54 KB
3	googleapis.com fonts.googleapis.com	25 KB
2	bing.com bat.bing.com	8 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	googletagmanager.com www.googletagmanager.com	69 KB
2	nationalinvestmentguide.com 1 redirects nationalinvestmentguide.com	28 KB
1	addpeople.co.uk www.addpeople.co.uk	968 B
1	google.de www.google.de	107 B
1	google.com www.google.com	293 B
1	doubleclick.net stats.g.doubleclick.net	96 B
1	smartlook.com rec.smartlook.com	9 KB
48	13

	Domain	Requested by
13	i.ontraport.com	nationalinvestmentguide.com
9	fonts.gstatic.com	fonts.googleapis.com
6	optassets.ontraport.com	nationalinvestmentguide.com
3	fonts.googleapis.com	nationalinvestmentguide.com optassets.ontraport.com
2	analytics.nyltx.com	ruler.nyltx.com
2	bat.bing.com	www.googletagmanager.com nationalinvestmentguide.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	nationalinvestmentguide.com
2	nationalinvestmentguide.com	1 redirects
1	jeeves.ontraport.com	optassets.ontraport.com
1	ruler.nyltx.com	nationalinvestmentguide.com
1	www.addpeople.co.uk	nationalinvestmentguide.com
1	www.google.de	nationalinvestmentguide.com
1	www.google.com	nationalinvestmentguide.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	app.ontraport.com	nationalinvestmentguide.com
1	rec.smartlook.com	nationalinvestmentguide.com
48	17

This site contains no links.

Subject Issuer	Validity	Valid
nationalinvestmentguide.com R3	`2020-12-06` - `2021-03-06`	3 months	crt.sh
*.ontraport.com Go Daddy Secure Certificate Authority - G2	`2020-10-26` - `2021-11-21`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
1610534878.rsc.cdn77.org Let's Encrypt Authority X3	`2020-12-01` - `2021-03-01`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2020-10-27` - `2021-04-27`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.addpeople.co.uk R3	`2021-01-05` - `2021-04-05`	3 months	crt.sh
ruler.nyltx.com R3	`2020-12-22` - `2021-03-22`	3 months	crt.sh
analytics.nyltx.com Let's Encrypt Authority X3	`2020-11-24` - `2021-02-22`	3 months	crt.sh
jeeves.ontraport.com Let's Encrypt Authority X3	`2020-11-26` - `2021-02-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nationalinvestmentguide.com/
Frame ID: F75E8CE24F4E261A89420C1BAA007151
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://nationalinvestmentguide.com/ HTTP 302
https://nationalinvestmentguide.com/ Page URL

Page Statistics

48
Requests

100 %
HTTPS

64 %
IPv6

13
Domains

17
Subdomains

14
IPs

5
Countries

1147 kB
Transfer

2541 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nationalinvestmentguide.com/ HTTP 302
https://nationalinvestmentguide.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
nationalinvestmentguide.com/
Redirect Chain

http://nationalinvestmentguide.com/
https://nationalinvestmentguide.com/

245 KB
27 KB

2163ms
1828ms

Document
text/html

209.170.211.187
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL: https://nationalinvestmentguide.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 209.170.211.187 Venice, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: ONTRAport /
Resource Hash: 2e46d904c49641426c28e7ed0eb5fd44f8191639484d875168e937d1dc8e5400

Request headers

Host: nationalinvestmentguide.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: secure_redirect=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 16:40:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: lpsplt_87=0; path=/; SameSite=Lax
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-op-class: default
X-op-release: 3
X-op-ca: 10.2.80.206
Server: ONTRAport
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip

Redirect headers

Date: Tue, 12 Jan 2021 16:40:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: secure_redirect=1; expires=Tue, 12-Jan-2021 16:40:16 GMT; path=/; SameSite=Lax
location: https://nationalinvestmentguide.com
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-op-class: default
X-op-release: 3
X-op-ca: 10.2.80.206
Server: ONTRAport
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H2 200 opt-styles.min.css
optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/ 208 KB
34 KB 125ms
52ms Stylesheet
text/css 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f66124a703494fd203a7e047a40e03bbcba4912de89d29e4f76af181d11cb7bc

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 2874
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 3
cf-request-id: 079911482f0000ee0ff435a000000001
server: cloudflare
x-op-ca: 10.2.80.206
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 61085186b853ee0f-CDG
expires: Tue, 12 Jan 2021 20:40:17 GMT

GET
H3-Q050 200 icon
fonts.googleapis.com/ 574 B
808 B 45ms
31ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 Jan 2021 16:40:17 GMT
server: ESF
date: Tue, 12 Jan 2021 16:40:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Jan 2021 16:40:17 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 40ms
35ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-168567035-1

Requested by

Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca0530860390b738690d35b0cb0a80b7aba4cdd0547d665ad2cc7ca17e93f3cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38966
x-xss-protection: 0
last-modified: Tue, 12 Jan 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Jan 2021 16:40:17 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 80 KB
31 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TCTFHL9

Requested by

Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e7e608be627c86d7c05f7f896cd39c235cc9a3a7a8582e7d23f218973daf77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31977
x-xss-protection: 0
last-modified: Tue, 12 Jan 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Jan 2021 16:40:17 GMT

GET
H2 200 recorder.js Show response
rec.smartlook.com/ 29 KB
9 KB 112ms
30ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://rec.smartlook.com/recorder.js

Requested by

Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::4 , Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

ddeb2f43c0bca7fd007c8652c4bf15151657a36e26bc82ebbbb215b4c0c22120

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:17 GMT
content-encoding: br
vary: Accept-Encoding
x-77-nzt-ray: bChgtCr6z4U=
x-edge-pop: frankfurtDE
x-cache: HIT
x-age: 299
x-77-nzt: AcO1rzXYhP7vKwEAAA==
last-modified: Mon, 14 Sep 2020 07:05:56 GMT
server: CDN77-Turbo
etag: W/"5f5f1654-75d0"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
x-edge-ip: 195.181.175.53

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-168567035-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4845
date: Tue, 12 Jan 2021 15:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 12 Jan 2021 17:19:32 GMT

GET
H2 200 opt_default_image.png
app.ontraport.com/images/ 5 KB
5 KB 74ms
54ms Image
image/png 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.ontraport.com/images/opt_default_image.png
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f697537edc72c0764b1ff7e9f1d3e21f601d82afb169ca435fc3e7f1a3af2415

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:17 GMT
x-op-benvironment: production
cf-cache-status: HIT
age: 206
cf-polished: origSize=5891
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 3
content-length: 4968
cf-request-id: 07991148f60000ee0f03b4c000000001
last-modified: Fri, 01 Feb 2019 01:27:57 GMT
server: cloudflare
x-op-ca: 10.2.80.206
etag: "5c53a09d-1703"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Tue, 12 Jan 2021 17:00:17 GMT
cache-control: public, max-age=1200
x-op-class: app
accept-ranges: bytes
cf-ray: 61085187eb15ee0f-CDG
cf-bgj: imgq:100,h2pri

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
8 KB 100ms
99ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCTFHL9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:17 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref: Ref A: A63DEFC1022F4B7F833AAAE89BED5C9F Ref B: FRAEDGE1506 Ref C: 2021-01-12T16:40:17Z
etag: "0b27f152fa7d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
H3-Q050 200 css
fonts.googleapis.com/ 283 KB
12 KB 36ms
35ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6652ccb2994a056d8a4616d91fecb2a4cbf497418ad311d8c3c9a519c1a38243

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 Jan 2021 16:40:17 GMT
server: ESF
date: Tue, 12 Jan 2021 16:40:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Jan 2021 16:40:17 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 275 KB
12 KB 64ms
63ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd3fdf98bef080854d1860e3c8b16f80e8255bb7ead217d3d9925cc318048bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 Jan 2021 16:40:17 GMT
server: ESF
date: Tue, 12 Jan 2021 16:40:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Jan 2021 16:40:17 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
74 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1767895315&t=pageview&_s=1&dl=https%3A%2F%2Fnationalinvestmentguide.com%2F&ul=en-us&de=UTF-8&dt=National%20Investment%20Guide%20%7C%20Best%20Bond%20Rates%20Comparison&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=847311951&gjid=78777279&cid=519750142.1610469618&tid=UA-168567035-1&_gid=2114485101.1610469618&_r=1&gtm=2oubu0&z=1883989757

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 16:40:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nationalinvestmentguide.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
96 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-168567035-1&cid=519750142.1610469618&jid=847311951&gjid=78777279&_gid=2114485101.1610469618&_u=IEBAAUAAAAAAAC~&z=331298123

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 12 Jan 2021 16:40:17 GMT
content-type: text/plain
access-control-allow-origin: https://nationalinvestmentguide.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 218706.780006cb1f4fe43940416ccbd8a3362a.JPEG
i.ontraport.com/ 81 KB
81 KB 1119ms
1076ms Image
image/jpeg 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ontraport.com/218706.780006cb1f4fe43940416ccbd8a3362a.JPEG
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e63e6c0f239db2737390b44548767f99a2ec68d1dc9cf5446bac364b5c0281bd

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:19 GMT
via: 1.1 f4d15e906467f56692c7fc70be861e04.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-request-id: A265C886B7813182
x-cache: Miss from cloudfront
content-length: 82917
cf-request-id: 079911499d0000ee0fcaad7000000001
last-modified: Fri, 29 May 2020 11:50:52 GMT
server: cloudflare
etag: "87c3ec65ad035bd6bd0c85878fe21040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 14 Jan 2021 16:40:18 GMT
cache-control: public, max-age=172800
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
cf-ray: 61085188fd14ee0f-CDG
x-amz-cf-id: 9H7KB70GVMmLbeFlteI4a0HRoY5oGJOB9G8qcMhXeNdh98VsPzYSCQ==
x-amz-id-2: 9d+oTxfDBmvAnY6tpMRqzCueN/YtalqoNWqM+LPayA3HLofMjK61J3QRiC+IN2Nj32RNkUPPPyA=

GET
H2 200 218706.ff48ceaca0045f2b9eca710af045f75b.PNG
i.ontraport.com/ 3 KB
4 KB 849ms
810ms Image
image/png 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ontraport.com/218706.ff48ceaca0045f2b9eca710af045f75b.PNG
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 957b75e8d1be40b4ea8f72bf14657f29a6e303551decc7f142eabd1be2428e3e

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:18 GMT
via: 1.1 24626a7ea6ae1a3cf25ff10af1f89348.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-request-id: B2A59BC78BE856DA
x-cache: Miss from cloudfront
content-length: 3354
cf-request-id: 07991149a20000ee0f86836000000001
last-modified: Fri, 29 May 2020 14:14:14 GMT
server: cloudflare
etag: "0486b4b6c4b4d41d4d5cadfac0a19ecf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
expires: Thu, 14 Jan 2021 16:40:18 GMT
cache-control: public, max-age=172800
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
cf-ray: 61085188fd16ee0f-CDG
x-amz-cf-id: y40aoHQcFsGDs0limzJ-nkQHb3IS7FPYEHw3MfEdPW5vl0ZXW5XwQg==
x-amz-id-2: T9FRuKOTWY1xWEIaa2veN/v7kacg5Xh1rLOhvM1LI0ymDTGuW4/dI9K2JD9MvJarlNyWj7qz7aA=

GET
H2 200 218706.3f7509fcbc04e7b310cdc08ae92067f2.JPEG
i.ontraport.com/ 88 KB
89 KB 1149ms
1113ms Image
image/jpeg 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ontraport.com/218706.3f7509fcbc04e7b310cdc08ae92067f2.JPEG
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a572f10182fa713ead5026f217fe0c0f0a34e1a15aea48ed0475778cba8f5ebc

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:19 GMT
via: 1.1 af3abf09293a5c762de5e451f8d6a913.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-request-id: BF94DB323BBF0299
x-cache: Miss from cloudfront
content-length: 90249
cf-request-id: 079911499e0000ee0ff8277000000001
last-modified: Mon, 01 Jun 2020 15:32:00 GMT
server: cloudflare
etag: "e5ce32e841cc9411574fe2c2a816f099"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 14 Jan 2021 16:40:18 GMT
cache-control: public, max-age=172800
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
cf-ray: 61085188fd18ee0f-CDG
x-amz-cf-id: lmmlO-dmBETW89_WRSpo6bas_zNUszy3c4fDfBvjFNF30D_MwbOvmg==
x-amz-id-2: 5/U+TTngcDeIkQhMasxJ6qVYRcjcoHLHjDZcc1NfZSRe6/97HP/c9aADxHGV0dNYgNcZMSdpL94=

GET
H3-Q050 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMR7eS2Ao.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 9 KB
9 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMR7eS2Ao.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8cd670b102dbdc8bcbcd51b932c5df791e509d703077650e0ccdc216b50d91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://nationalinvestmentguide.com
Referer: https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 03:35:53 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:15 GMT
server: sffe
age: 392665
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8876
x-xss-protection: 0
expires: Sat, 08 Jan 2022 03:35:53 GMT

GET
H3-Q050 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMR7eS2Ao.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 10 KB
10 KB 22ms
20ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMR7eS2Ao.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe1042b7290f4f6d73d1e0ebe0b7f8dd9e9d3f8bdde4e749c151f36ac7c42c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://nationalinvestmentguide.com
Referer: https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 21:27:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:04:00 GMT
server: sffe
age: 414749
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10228
x-xss-protection: 0
expires: Fri, 07 Jan 2022 21:27:49 GMT

GET
H3-Q050 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v70/ 96 KB
97 KB 22ms
20ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v70/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47663194d7d38716a59e702f42a8494d099a24a8f84ad940e0db38938c8a4956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://nationalinvestmentguide.com
Referer: https://fonts.googleapis.com/icon?family=Material+Icons
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 02:37:10 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Dec 2020 02:35:37 GMT
server: sffe
age: 50588
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98812
x-xss-protection: 0
expires: Wed, 12 Jan 2022 02:37:10 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 23ms
20ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://nationalinvestmentguide.com
Referer: https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 11:36:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 363806
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Sat, 08 Jan 2022 11:36:52 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 23ms
21ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://nationalinvestmentguide.com
Referer: https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 21:30:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 414565
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Fri, 07 Jan 2022 21:30:53 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 23ms
21ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://nationalinvestmentguide.com
Referer: https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 22:46:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:15 GMT
server: sffe
age: 64429
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Tue, 11 Jan 2022 22:46:29 GMT

GET
H3-Q050 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://nationalinvestmentguide.com
Referer: https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 04:27:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 389540
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Sat, 08 Jan 2022 04:27:58 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://nationalinvestmentguide.com
Referer: https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 12:48:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:16 GMT
server: sffe
age: 532297
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Thu, 06 Jan 2022 12:48:41 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://nationalinvestmentguide.com
Referer: https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 16:12:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 433693
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Fri, 07 Jan 2022 16:12:05 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 32ms
31ms Image
image/gif 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-168567035-1&cid=519750142.1610469618&jid=847311951&_u=IEBAAUAAAAAAAC~&z=1600216208

Requested by

Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 16:40:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-168567035-1&cid=519750142.1610469618&jid=847311951&_u=IEBAAUAAAAAAAC~&z=1600216208

Requested by

Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 16:40:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anime.js Show response
optassets.ontraport.com/opt_assets/elements_v3/common/materialize-1-dev/js/ 16 KB
6 KB 38ms
36ms Script
text/plain 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize-1-dev/js/anime.js
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c2348bbc056a14a9cd62dadb8d461800a192e8ba636f803d0ffddd753977976

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 2875
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 3
cf-request-id: 0799114a200000ee0f93963000000001
server: cloudflare
x-op-ca: 10.2.80.206
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 61085189cec8ee0f-CDG
expires: Tue, 12 Jan 2021 20:40:18 GMT

GET
H2 200 jquery-3.2.1.min.js Show response
optassets.ontraport.com/opt_assets/opt_boilerplates/v3/ 85 KB
29 KB 57ms
56ms Script
text/plain 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/opt_boilerplates/v3/jquery-3.2.1.min.js
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 2875
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 3
cf-request-id: 0799114a210000ee0f7d002000000001
server: cloudflare
x-op-ca: 10.2.80.206
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 61085189cecaee0f-CDG
expires: Tue, 12 Jan 2021 20:40:18 GMT

GET
H2 200 opt-assets.js Show response
optassets.ontraport.com/opt_assets/ 298 KB
83 KB 70ms
69ms Script
text/plain 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/opt-assets.js?1610053871
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3fb570bd1664c947b5ba51e7e5039b73fcadccc07b44b1654b76f79d5c057cc

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 2875
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 3
cf-request-id: 0799114a210000ee0fe608f000000001
server: cloudflare
x-op-ca: 10.2.80.206
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 61085189cecbee0f-CDG
expires: Tue, 12 Jan 2021 20:40:18 GMT

GET
H2 200 custom-elements.min.js Show response
optassets.ontraport.com/opt_assets/templates/custom-elements/ 18 KB
5 KB 45ms
44ms Script
text/plain 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/templates/custom-elements/custom-elements.min.js
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73a9c7944ce696c3622189e2f0706ccb9b9033b10f707414fe0ae14be6d68f08

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 2875
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 3
cf-request-id: 0799114a210000ee0f03b68000000001
server: cloudflare
x-op-ca: 10.2.80.206
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 61085189ceccee0f-CDG
expires: Tue, 12 Jan 2021 20:40:18 GMT

GET
H2 200 tracking.js Show response
optassets.ontraport.com/ 10 KB
3 KB 43ms
42ms Script
text/html 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/tracking.js
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e5561e8308eb5743824525749cf1fbb7207113619c0fa33e22170a073eddc77

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 4483
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 3
cf-request-id: 0799114a220000ee0ffd000000000001
server: cloudflare
x-op-ca: 10.2.80.206
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 61085189ced0ee0f-CDG
expires: Tue, 12 Jan 2021 20:40:18 GMT

GET
H2 200 218706.a1c300c6d7f48d1d163a532f9dd39254.JPEG
i.ontraport.com/ 60 KB
61 KB 1079ms
1078ms Image
image/jpeg 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ontraport.com/218706.a1c300c6d7f48d1d163a532f9dd39254.JPEG
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098af95d32313530865634f4abcf988bc08bfd3320d52787d2a378f7806d11b8

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:19 GMT
via: 1.1 847372cac152a2575995d0b13be85a88.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-request-id: 28175F2594C97FD8
x-cache: Miss from cloudfront
content-length: 61686
cf-request-id: 0799114a310000ee0f7d004000000001
last-modified: Mon, 01 Jun 2020 15:32:42 GMT
server: cloudflare
etag: "117941c111c8bc63edc4bd9d584cced3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 14 Jan 2021 16:40:18 GMT
cache-control: public, max-age=172800
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
cf-ray: 61085189ef0dee0f-CDG
x-amz-cf-id: v3MIi3JVrkhCWkiAYK9pn6I9LtYQu-bZfOvoV166BK2BA-Z_Un-KAg==
x-amz-id-2: feKIOq1NRePYbhhBIBufj/YXwT6KIZuTRaYyjCpf7fb9/CrQSvk5JM2LZCANIs4pBnmxWwYeg5c=

GET
H2 200 218706.08404955afe6847cb1fde689d8897dfa.JPEG
i.ontraport.com/ 124 KB
125 KB 1119ms
1119ms Image
image/jpeg 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ontraport.com/218706.08404955afe6847cb1fde689d8897dfa.JPEG
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 193e1672727d13371bd55d1b14f9c0c16164763d327c19a9d59b8b6ace2a9f88

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:19 GMT
via: 1.1 af3abf09293a5c762de5e451f8d6a913.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-request-id: C017ED7F2237717C
x-cache: Miss from cloudfront
content-length: 127204
cf-request-id: 0799114a320000ee0fc12c9000000001
last-modified: Mon, 01 Jun 2020 15:33:26 GMT
server: cloudflare
etag: "6c2d14d05d9d8c5694fe17240a2842ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 14 Jan 2021 16:40:19 GMT
cache-control: public, max-age=172800
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
cf-ray: 61085189ef10ee0f-CDG
x-amz-cf-id: ddAjzr4ve0mMSc-cpxBZ7oo-i9b1CNZxDsvYHHqW9XTBBSd5WqcrSQ==
x-amz-id-2: E4Ue0sFrtfA/5r0xNzp8a3CkNYrwXTDZ2dx19PylBAkE0aKD2Hxyqq/PR5e3rvIdXEZrW4D4c/I=

GET
H2 200 218706.ab9c2b9eb08b1fa477be94ce0bf0ea9b.JPEG
i.ontraport.com/ 61 KB
61 KB 1085ms
1085ms Image
image/jpeg 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ontraport.com/218706.ab9c2b9eb08b1fa477be94ce0bf0ea9b.JPEG
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32fd0fe53cd033eb88cc60f79b890370a468475ecff1b7a6251f905ee36c6f93

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:19 GMT
via: 1.1 c4c822c878c22be90d0bb70ab49a395a.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-request-id: 18A3C06E1BAEB280
x-cache: Miss from cloudfront
content-length: 62449
cf-request-id: 0799114a320000ee0f91137000000001
last-modified: Mon, 01 Jun 2020 15:35:30 GMT
server: cloudflare
etag: "cbd773ac28acfbf4f024b566dcf1bf2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 14 Jan 2021 16:40:19 GMT
cache-control: public, max-age=172800
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
cf-ray: 61085189ef12ee0f-CDG
x-amz-cf-id: 4t2MxyUp5GBKe4S938qCxac85MKqDXBg5gk4ilVjZmgQWcUfB4PnPQ==
x-amz-id-2: pMw01cp//pFKBLm+YOFW91/aa2mfRf3ZgfOfrUM9uh7pkg0Sx7gtTCmru0UD4PQ4W8mrkvmKBqs=

GET
H2 200 218706.db47ef2b19790cfa6d80cf1ed77ee447.PNG
i.ontraport.com/ 19 KB
19 KB 866ms
866ms Image
image/png 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ontraport.com/218706.db47ef2b19790cfa6d80cf1ed77ee447.PNG
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8889512d0a2fc7652fc724cf49ddbada72a2fd72b9b073378e0fbb9421c7c5cf

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:19 GMT
via: 1.1 85d2219c335742c82e7bf84433bc3257.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-request-id: 5F9B9782636186A2
x-cache: Miss from cloudfront
content-length: 19391
cf-request-id: 0799114cca0000ee0fb702d000000001
last-modified: Wed, 10 Jun 2020 10:02:02 GMT
server: cloudflare
etag: "ead7f4f59b6892ee672603807f1cfc9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
expires: Thu, 14 Jan 2021 16:40:19 GMT
cache-control: public, max-age=172800
x-amz-cf-pop: CDG3-C2
accept-ranges: bytes
cf-ray: 6108518e0811ee0f-CDG
x-amz-cf-id: fdo3fcrpB_TMAoUd6ZIoxSls6XVQqzV-kkp3W5XE7mL08F7v6G0Ngg==
x-amz-id-2: btB35bfiInjAAiWWCP5elVeCwEwv+C8Ydik7a+Wi4aEaQ2tXHhs3L84RD/apGldZiydYfr5Huhc=

GET
H2 200 218706.9d6fb446df6f47feda5dde5db798f76c.JPEG
i.ontraport.com/ 10 KB
10 KB 793ms
792ms Image
image/jpeg 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ontraport.com/218706.9d6fb446df6f47feda5dde5db798f76c.JPEG
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ff5b5ba17a02889f805ef5b3e336afe07e16d5a9a0013ba7aa6136da7b0beb

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:19 GMT
via: 1.1 f4d15e906467f56692c7fc70be861e04.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-request-id: EF8023DBEE919C69
x-cache: Miss from cloudfront
content-length: 10221
cf-request-id: 0799114dd80000ee0f7c963000000001
last-modified: Wed, 10 Jun 2020 10:05:28 GMT
server: cloudflare
etag: "b8c06292420349dc71718e03818a18d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 14 Jan 2021 16:40:19 GMT
cache-control: public, max-age=172800
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
cf-ray: 6108518fcc1aee0f-CDG
x-amz-cf-id: 8xvOOgCGv_39cmdA7w55A-8kajfTUj1kPxoH0hkMrNfIceBT-wXI3Q==
x-amz-id-2: 08kyPEgNi+/1qVIhoqelOom35Err6GBmod+wipPkZXJHGJJd8y3B699OLomkxNfPzhedE7exM0k=

GET
H2 200 218706.e79d2c76b7df1bc359436d02daa48f7f.JPEG
i.ontraport.com/ 13 KB
14 KB 790ms
789ms Image
image/jpeg 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ontraport.com/218706.e79d2c76b7df1bc359436d02daa48f7f.JPEG
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d6fb27810e5adc1f3ec18109fa102fa4eee128ebb31ab79a9b8bef6f0ee8a8a

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:19 GMT
via: 1.1 e96f95ae91ddaf74bf5c3845501fcac8.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-request-id: 831D7FFBC70BB532
x-cache: Miss from cloudfront
content-length: 13585
cf-request-id: 0799114dff0000ee0fdfad1000000001
last-modified: Wed, 10 Jun 2020 10:07:15 GMT
server: cloudflare
etag: "14cc84ffcbaa7b401fd13e4171e34a14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 14 Jan 2021 16:40:19 GMT
cache-control: public, max-age=172800
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
cf-ray: 6108518ffcbcee0f-CDG
x-amz-cf-id: FvJsNCVpnmE3-rVIyrvbTuq__xGIroX47bVSpcsxdqEYkpPRzjFTzA==
x-amz-id-2: 6VmW5OL4ayRn6kslUBJTsb1pP0aWE8uWt17ekjfIHlWfCn7F50SJNTjWVXZUkZ0DfLjG8iuIR/o=

GET
H2 200 218706.ddf4a35f8cf1f2597e50d0f994ecf3f3.PNG
i.ontraport.com/ 26 KB
26 KB 937ms
937ms Image
image/png 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ontraport.com/218706.ddf4a35f8cf1f2597e50d0f994ecf3f3.PNG
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e670445283c02ac40b3db33885c5f5d94f43c5f53bff54b1dea20b273700d038

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:20 GMT
via: 1.1 b90884acab23625db851d03bcf681a27.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-request-id: 92C609F2B900A726
x-cache: Miss from cloudfront
content-length: 26256
cf-request-id: 0799114e6b0000ee0fb936c000000001
last-modified: Thu, 04 Jun 2020 15:57:07 GMT
server: cloudflare
etag: "6f329c3a55ce6e16d3809900036822df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
expires: Thu, 14 Jan 2021 16:40:20 GMT
cache-control: public, max-age=172800
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
cf-ray: 61085190ae2cee0f-CDG
x-amz-cf-id: ahjeicVaoRspJe6GrChqk1d79L0yc4yrccq-1VPriT0PPBoBmHRAjA==
x-amz-id-2: 8+e58W/lGNwAu94FoO/pi6HxZAsREU771b+206Vj2YiJR2MquSeJX+sd6igH958ZEw37PfByboo=

GET
H2 200 218706.c437f024c061a813d72131337b28b570.PNG
i.ontraport.com/ 29 KB
30 KB 884ms
884ms Image
image/png 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ontraport.com/218706.c437f024c061a813d72131337b28b570.PNG
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14bac5f1f2a18dbf25ba5e0ed5659a8ade86fd494cf33ae6d3162b8d8dcac41d

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:20 GMT
via: 1.1 a8d866886b5d25a5cfcb0df362279f88.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-request-id: F7D57691AAB0138D
x-cache: Miss from cloudfront
content-length: 29887
cf-request-id: 0799114e770000ee0f868c2000000001
last-modified: Thu, 04 Jun 2020 15:57:07 GMT
server: cloudflare
etag: "7660e10dcd6dab3870a4a35e4a9550e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
expires: Thu, 14 Jan 2021 16:40:20 GMT
cache-control: public, max-age=172800
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
cf-ray: 61085190be4eee0f-CDG
x-amz-cf-id: QOS-GKT2Y_J1ACdQORCT4DmHmnL0RoOUHQuH84FUZGc8we4fMZqPIA==
x-amz-id-2: ZdUAom3EXz0nfa8uESvAOuR5KwNVy6cDumMX7HSGFssCUzJvh1biQCxDxZBxR0JDvT5Etwxc0fA=

GET
H2 200 218706.c7a8e59fde1f5cd98d35ebb643c3776a.PNG
i.ontraport.com/ 29 KB
29 KB 912ms
912ms Image
image/png 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ontraport.com/218706.c7a8e59fde1f5cd98d35ebb643c3776a.PNG
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d04bd92fb1414498017a81eab286f582260496dece567cd97f2b4ef02d05ca6

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:20 GMT
via: 1.1 04033844f25f5e47de102de77d8b5f4d.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-request-id: AAB37932477964F6
x-cache: Miss from cloudfront
content-length: 29289
cf-request-id: 0799114e9d0000ee0fdd38d000000001
last-modified: Thu, 04 Jun 2020 15:57:07 GMT
server: cloudflare
etag: "ffaf87e909ae9c16cea33aa94cda9286"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
expires: Thu, 14 Jan 2021 16:40:20 GMT
cache-control: public, max-age=172800
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
cf-ray: 61085190fefaee0f-CDG
x-amz-cf-id: WJonv81UrcekzjyDA3L8xdIdaYpxXaemeIXWU7BgMo6934-GcUucpg==
x-amz-id-2: Z+9ZQOEVo1hrCDZgmPNNUMt25dDVEqKCWG3pwUYv+aQxJMLkxb6Uqk8pn5LOtB5i+LtjLPFTNbs=

GET
H2 200 ontraslap.js Show response
www.addpeople.co.uk/ 2 KB
968 B 171ms
51ms Script
application/javascript 51.254.217.169
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.addpeople.co.uk/ontraslap.js
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.254.217.169 , France, ASN16276 (OVH, FR),
Reverse DNS: 169.ip-51-254-217.eu
Software: nginx/1.10.3 /
Resource Hash: 032b1368301a39c9375d6ddf1e71eea5511c62cf3d8a4ac0a7103c6c3bc4f849

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:18 GMT
content-encoding: gzip
x-original-content-length: 2133
server: nginx/1.10.3
etag: W/"PSA-aj-lKDRJIdoEa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-length: 740
expires: Thu, 11 Feb 2021 16:40:18 GMT

GET
H/1.1 200
OK ra-bootstrap.min.js Show response
ruler.nyltx.com/lib/1.0/ 52 KB
52 KB 177ms
78ms Script
application/javascript 35.177.168.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ruler.nyltx.com/lib/1.0/ra-bootstrap.min.js
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.177.168.187 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-168-187.eu-west-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5427eedc9cf55c315c311353843f335a88f4637b6f7985cd65ebbb23d8e840ec

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 16:40:18 GMT
Last-Modified: Fri, 08 Jan 2021 09:39:56 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ff8286c-d0c6"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53446

GET
H2 204 0
bat.bing.com/action/ 0
117 B 101ms
100ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=17351580&Ver=2&mid=9cce4db0-a710-43bf-be6e-7fb803e1fa89&sid=dad31bd054f411ebb815511e658ca5f0&vid=dad32cf054f411ebb05365e9cc30b72a&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=National%20Investment%20Guide%20%7C%20Best%20Bond%20Rates%20Comparison&p=https%3A%2F%2Fnationalinvestmentguide.com%2F&r=&lt=3907&evt=pageLoad&msclkid=N&sv=1&rn=629887
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 12 Jan 2021 16:40:18 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 6A8AA1EA763C49D2BC5FEF7BBEEA8D86 Ref B: FRAEDGE1506 Ref C: 2021-01-12T16:40:18Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 218706.91bc1f28209f2950897fa502f8696093.PNG
i.ontraport.com/ 40 KB
40 KB 940ms
940ms Image
image/png 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ontraport.com/218706.91bc1f28209f2950897fa502f8696093.PNG?ops=1600
Requested by: Host: nationalinvestmentguide.com
URL: https://nationalinvestmentguide.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c6b27bbe66d7a737f6fa43242179b68ba52947f6114f493b477903089ac82ba

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 16:40:20 GMT
via: 1.1 fc6dca2df1221c0bec817610bc20e505.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-request-id: EBC26C41A2C33442
x-cache: Miss from cloudfront
content-length: 40907
cf-request-id: 079911502f0000ee0fc622d000000001
last-modified: Thu, 11 Jun 2020 08:28:05 GMT
server: cloudflare
etag: "c83d2ad2d910ef89dcdfce6adfb27083"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
expires: Thu, 14 Jan 2021 16:40:20 GMT
cache-control: public, max-age=172800
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
cf-ray: 610851937d30ee0f-CDG
x-amz-cf-id: 33WR45yLa-hrqza8VYt46jzMaPzJlyITnoNSDJm9k2xXaNycX_2XLg==
x-amz-id-2: vqAIe4htVZb1pAZCrIsQZpM78dCf6U49UV0jhLiGFAgYkWSCOrdWHu01iQeR3KHpxxeDlryJNFw=

GET
H/1.1 200
OK ra-tracker.js.php Show response
analytics.nyltx.com/lib/1.0/ 549 B
755 B 297ms
237ms Script
application/x-javascript 35.177.168.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.nyltx.com/lib/1.0/ra-tracker.js.php?ref=&href=https%3A%2F%2Fnationalinvestmentguide.com%2F&__sid=FS1610469618637&__pid=1610469618636&__dnt=false&visitid=NULLVID&__doc_title=National%20Investment%20Guide%20%7C%20Best%20Bond%20Rates%20Comparison&uid=5ee0ffb70437b&action=track
Requested by: Host: ruler.nyltx.com
URL: https://ruler.nyltx.com/lib/1.0/ra-bootstrap.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.177.168.187 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-168-187.eu-west-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 27405cdbf558b5dda2cde41c778edb62bb942c53eb4aa701126f0fc765b2f4d0

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 16:40:18 GMT
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8

POST
H/1.1 200
OK ra-collect
analytics.nyltx.com/lib/2.0/ 2 B
347 B 33ms
33ms Other
text/plain 35.177.168.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.nyltx.com/lib/2.0/ra-collect?d=1610469618939
Requested by: Host: ruler.nyltx.com
URL: https://ruler.nyltx.com/lib/1.0/ra-bootstrap.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.177.168.187 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-168-187.eu-west-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 12 Jan 2021 16:40:18 GMT
Server: nginx/1.10.3 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 2

GET
H/1.1 200
OK track.php Show response
jeeves.ontraport.com/ 796 B
1 KB 909ms
341ms Script
text/html 209.170.211.179
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL: https://jeeves.ontraport.com/track.php?mid=218706_lp87.0_2&llc=https://nationalinvestmentguide.com/&first_visit=1&referral_page=&s=67zp19qsxm3kh6cxh44x&l=nationalinvestmentguide.com/&ti=National%20Investment%20Guide%20%7C%20Best%20Bond%20Rates%20Comparison&gcid=519750142.1610469618&forms%5Bp2c218706lp87.0.bid601a37bc-5747-6ec2-f463-c5d4aaeb5583%5D=0&forms%5Bp2c218706lp87.0.bid43edff9b-9b75-1841-0dbe-bbb443603481%5D=0&is_unique=1
Requested by: Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 209.170.211.179 Venice, United States, ASN13649 (ASN-VINS, US),
Reverse DNS: mail9.ontramail.com
Software: ONTRAport /
Resource Hash: ee597374a2bafdf58b5c3bfdb7e7a695477af120c0a111936219e61f5915eba0

Request headers

Referer: https://nationalinvestmentguide.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 16:40:21 GMT
Content-Encoding: gzip
X-op-class: hosted
Server: ONTRAport
X-op-release: 3
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Type: text/html
X-op-ca: 82.102.18.235

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.addpeople.co.uk/ontraslap.js(Line 1) Message: adding blockoc5d4aaeb5583 as step: 1 index 0
console-api	log	URL: https://www.addpeople.co.uk/ontraslap.js(Line 1) Message: adding blockobbb443603481 as step: 2 index 1
console-api	log	URL: https://www.addpeople.co.uk/ontraslap.js(Line 1) Message: showing block step 0 with block id: oc5d4aaeb5583
console-api	log	URL: https://www.addpeople.co.uk/ontraslap.js(Line 1) Message: hiding block step 1 with block id: obbb443603481

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.nyltx.com
app.ontraport.com
bat.bing.com
fonts.googleapis.com
fonts.gstatic.com
i.ontraport.com
jeeves.ontraport.com
nationalinvestmentguide.com
optassets.ontraport.com
rec.smartlook.com
ruler.nyltx.com
stats.g.doubleclick.net
www.addpeople.co.uk
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.16.20.19
209.170.211.179
209.170.211.187
2620:1ec:c11::200
2a00:1450:4001:802::200a
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:817::2004
2a00:1450:4001:818::2003
2a00:1450:400c:c0c::9a
2a02:6ea0:c700::4
35.177.168.187
51.254.217.169
032b1368301a39c9375d6ddf1e71eea5511c62cf3d8a4ac0a7103c6c3bc4f849
098af95d32313530865634f4abcf988bc08bfd3320d52787d2a378f7806d11b8
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
14bac5f1f2a18dbf25ba5e0ed5659a8ade86fd494cf33ae6d3162b8d8dcac41d
193e1672727d13371bd55d1b14f9c0c16164763d327c19a9d59b8b6ace2a9f88
1c6b27bbe66d7a737f6fa43242179b68ba52947f6114f493b477903089ac82ba
22ff5b5ba17a02889f805ef5b3e336afe07e16d5a9a0013ba7aa6136da7b0beb
27405cdbf558b5dda2cde41c778edb62bb942c53eb4aa701126f0fc765b2f4d0
2c2348bbc056a14a9cd62dadb8d461800a192e8ba636f803d0ffddd753977976
2e46d904c49641426c28e7ed0eb5fd44f8191639484d875168e937d1dc8e5400
2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58
32fd0fe53cd033eb88cc60f79b890370a468475ecff1b7a6251f905ee36c6f93
3e7e608be627c86d7c05f7f896cd39c235cc9a3a7a8582e7d23f218973daf77d
47663194d7d38716a59e702f42a8494d099a24a8f84ad940e0db38938c8a4956
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4d04bd92fb1414498017a81eab286f582260496dece567cd97f2b4ef02d05ca6
4d6fb27810e5adc1f3ec18109fa102fa4eee128ebb31ab79a9b8bef6f0ee8a8a
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
5427eedc9cf55c315c311353843f335a88f4637b6f7985cd65ebbb23d8e840ec
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
6652ccb2994a056d8a4616d91fecb2a4cbf497418ad311d8c3c9a519c1a38243
73a9c7944ce696c3622189e2f0706ccb9b9033b10f707414fe0ae14be6d68f08
7e5561e8308eb5743824525749cf1fbb7207113619c0fa33e22170a073eddc77
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8889512d0a2fc7652fc724cf49ddbada72a2fd72b9b073378e0fbb9421c7c5cf
957b75e8d1be40b4ea8f72bf14657f29a6e303551decc7f142eabd1be2428e3e
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a572f10182fa713ead5026f217fe0c0f0a34e1a15aea48ed0475778cba8f5ebc
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
ca0530860390b738690d35b0cb0a80b7aba4cdd0547d665ad2cc7ca17e93f3cf
cd3fdf98bef080854d1860e3c8b16f80e8255bb7ead217d3d9925cc318048bfa
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f
d8cd670b102dbdc8bcbcd51b932c5df791e509d703077650e0ccdc216b50d91b
dbe1042b7290f4f6d73d1e0ebe0b7f8dd9e9d3f8bdde4e749c151f36ac7c42c2
ddeb2f43c0bca7fd007c8652c4bf15151657a36e26bc82ebbbb215b4c0c22120
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e63e6c0f239db2737390b44548767f99a2ec68d1dc9cf5446bac364b5c0281bd
e670445283c02ac40b3db33885c5f5d94f43c5f53bff54b1dea20b273700d038
ee597374a2bafdf58b5c3bfdb7e7a695477af120c0a111936219e61f5915eba0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3fb570bd1664c947b5ba51e7e5039b73fcadccc07b44b1654b76f79d5c057cc
f66124a703494fd203a7e047a40e03bbcba4912de89d29e4f76af181d11cb7bc
f697537edc72c0764b1ff7e9f1d3e21f601d82afb169ca435fc3e7f1a3af2415

nationalinvestmentguide.com Open in urlscan Pro 209.170.211.187 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

48 Requests

100 %HTTPS

64 %IPv6

13 Domains

17 Subdomains

14 IPs

5 Countries

1147 kBTransfer

2541 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nationalinvestmentguide.com Open in urlscan Pro
209.170.211.187 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

64 %
IPv6

13
Domains

17
Subdomains

14
IPs

5
Countries

1147 kB
Transfer

2541 kB
Size

0
Cookies

48 HTTP transactions
0 data transactions