urlscan.io logo urlscan.io
SecurityTrails logo

gfmsafemoney.com Open in urlscan Pro
198.71.233.72  Public Scan

Go To Rescan Add Verdict Report
URL: https://gfmsafemoney.com/
Submission: On October 23 via automatic, source certstream-suspicious — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 2 countries across 15 domains to perform 58 HTTP transactions. The main IP is 198.71.233.72, located in Ashburn, United States and belongs to GO-DADDY-COM-LLC, US. The main domain is gfmsafemoney.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 13th 2024. Valid for: a year.
This is the only time gfmsafemoney.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    198.71.233.72 (Ashburn, United States)

ASN400754 (GO-DADDY-COM-LLC, US)
PTR: 72.233.71.198.host.secureserver.net
gfmsafemoney.com
21    162.159.135.45 (None, )

ASN13335 (CLOUDFLARENET, US)
lz76af.a2cdn1.secureserver.net
2    2607:f8b0:400d:c0d::61 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700:10::6816:12 (United States)

ASN13335 (CLOUDFLARENET, US)
www.riskalyze.com
pro.riskalyze.com
1    2606:4700:20::ac43:48ef (United States)

ASN13335 (CLOUDFLARENET, US)
nitrogenwealth.com
1    2400:52e0:1a00::1207:2 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)
s3.tradingview.com
2    2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2607:f8b0:400d:c0b::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2607:f8b0:400d:c0c::5d (Morganton, United States)

ASN15169 (GOOGLE, US)
www.youtube.com
1    162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)
player.vimeo.com
1    2607:f8b0:400d:c0b::71 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2600:9000:2015:b800:1a:451c:1f80:93a1 (United States)

ASN16509 (AMAZON-02, US)
content.riskalyze.com
1    37.19.207.34 (Ashburn, United States)

ASN60068 (CDN77 _, GB)
PTR: 37-19-207-34.bunnyinfra.net
www.tradingview-widget.com
5    2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)
maps.googleapis.com
2    2607:f8b0:400d:c0c::5b (Morganton, United States)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2607:f8b0:400d:c03::64 (Morganton, United States)

ASN15169 (GOOGLE, US)
maps.google.com
2    2607:f8b0:4004:c17::69 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
21 secureserver.net
lz76af.a2cdn1.secureserver.net
912 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
maps.googleapis.com — Cisco Umbrella Rank: 445
125 KB
6 gstatic.com
fonts.gstatic.com
177 KB
4 google.com
maps.google.com — Cisco Umbrella Rank: 2646
www.google.com — Cisco Umbrella Rank: 3
429 B
4 youtube.com
www.youtube.com — Cisco Umbrella Rank: 77
12 KB
4 riskalyze.com
www.riskalyze.com — Cisco Umbrella Rank: 977678
pro.riskalyze.com — Cisco Umbrella Rank: 305994
content.riskalyze.com — Cisco Umbrella Rank: 344557
15 KB
4 gfmsafemoney.com
gfmsafemoney.com
290 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
75 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
173 KB
1 tradingview-widget.com
www.tradingview-widget.com — Cisco Umbrella Rank: 26216
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
1 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 1941
1 tradingview.com
s3.tradingview.com — Cisco Umbrella Rank: 17281
5 KB
1 nitrogenwealth.com
nitrogenwealth.com — Cisco Umbrella Rank: 558946
368 B
58 15
Domain Requested by
21 lz76af.a2cdn1.secureserver.net gfmsafemoney.com
6 fonts.gstatic.com lz76af.a2cdn1.secureserver.net
fonts.googleapis.com
5 maps.googleapis.com lz76af.a2cdn1.secureserver.net
maps.googleapis.com
4 www.youtube.com gfmsafemoney.com
lz76af.a2cdn1.secureserver.net
www.youtube.com
4 gfmsafemoney.com lz76af.a2cdn1.secureserver.net
2 www.google.com lz76af.a2cdn1.secureserver.net
2 maps.google.com 2 redirects
2 content.riskalyze.com www.riskalyze.com
content.riskalyze.com
2 www.facebook.com gfmsafemoney.com
2 connect.facebook.net gfmsafemoney.com
connect.facebook.net
2 www.googletagmanager.com gfmsafemoney.com
1 www.tradingview-widget.com s3.tradingview.com
1 fonts.googleapis.com www.riskalyze.com
1 www.google-analytics.com www.googletagmanager.com
1 player.vimeo.com gfmsafemoney.com
1 s3.tradingview.com gfmsafemoney.com
1 pro.riskalyze.com gfmsafemoney.com
1 nitrogenwealth.com 1 redirects
1 www.riskalyze.com 1 redirects
58 19
Subject Issuer Validity Valid
gfmsafemoney.com
Go Daddy Secure Certificate Authority - G2		 2024-02-13 -
2025-03-16		 a year crt.sh
*.a2cdn1.secureserver.net
Starfield Secure Certificate Authority - G2		 2023-10-02 -
2024-11-02		 a year crt.sh
*.google-analytics.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.tradingview.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-05 -
2024-12-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-01 -
2024-10-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
player.vimeo.com
WE1		 2024-09-22 -
2024-12-21		 3 months crt.sh
upload.video.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
content.riskalyze.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-27 -
2025-01-26		 a year crt.sh
*.tradingview-widget.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-03-19		 8 months crt.sh

This page contains 7 frames:

Primary Page: https://gfmsafemoney.com/
Frame ID: 8C5E666329057B6C99A652FCA6D5E49D
Requests: 59 HTTP requests in this frame

Frame: https://www.youtube.com/embed/CdYQJjWGESs?wmode=transparent&autoplay=0
Frame ID: 96E89EC99A45E8804D05C8D597B81E56
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/197423648?autoplay=0&autopause=0
Frame ID: B7EB3F6BE143D6375780674423264748
Requests: 1 HTTP requests in this frame

Frame: https://www.tradingview-widget.com/embed-widget/market-overview/?locale=en
Frame ID: D07032F3D749C06F64BB4F01F44576E0
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/gPvu7u1cR2s?autohide=1&autoplay=1&fs=0&showinfo=0&modestBranding=1&start=0&controls=0&rel=0&disablekb=1&iv_load_policy=3&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fgfmsafemoney.com&widgetid=1
Frame ID: 6BCC4DDD71CE001292D7D615399E0505
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?origin=mfe&pb=!1m2!2m1!1s11495+Pennsylvania+St,+Unit+240%0ACarmel,+IN+46032
Frame ID: 8F2E4612D97A5187FC355D5EBCEEE638
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?origin=mfe&pb=!1m2!2m1!1s3701+Algonquin+Road,+Suite+150%0ARolling+Meadows,+IL
Frame ID: 123D7524F7755686E969CE7BF76CE4BD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Carmel Financial Advisor | Global Fund Management LLC

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

58
Requests

95 %
HTTPS

79 %
IPv6

15
Domains

19
Subdomains

18
IPs

2
Countries

1819 kB
Transfer

4549 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://www.riskalyze.com/hosted/v2/fb1180f98b752c77d441/rq/lt/lg/btn.js HTTP 301
  • https://nitrogenwealth.com/hosted/v2/fb1180f98b752c77d441/rq/lt/lg/btn.js HTTP 301
  • https://pro.riskalyze.com/hosted/v2/fb1180f98b752c77d441/rq/lt/lg/btn.js
Request Chain 57
  • https://maps.google.com/maps?output=embed&q=11495%20Pennsylvania%20St%2C%20Unit%20240%0ACarmel%2C%20IN%2046032 HTTP 301
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m2!2m1!1s11495+Pennsylvania+St,+Unit+240%0ACarmel,+IN+46032
Request Chain 58
  • https://maps.google.com/maps?output=embed&q=3701%20Algonquin%20Road%2C%20Suite%20150%0ARolling%20Meadows%2C%20IL HTTP 301
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m2!2m1!1s3701+Algonquin+Road,+Suite+150%0ARolling+Meadows,+IL

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gfmsafemoney.com/ 		118 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gfmsafemoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.72 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS
72.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
57ea4bd5a667cb7df2db03ab6ea56c2798bf504a22804bd7b97a985916fb8f97
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
77491
content-encoding
gzip
content-length
20292
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 23 Oct 2024 09:00:53 GMT
server
openresty
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
vary
Accept-Encoding, User-Agent
x-backend
varnish_ssl
x-cache
cached
x-cache-hit
HIT
x-cacheable
YES:Forced
x-cacheproxy-retries
0/2
x-content-type-options
nosniff
x-fawn-proc-count
1,0,24
x-php-version
8.0
x-xss-protection
1; mode=block
style.min.css
lz76af.a2cdn1.secureserver.net/wp-includes/css/dist/components/ 		84 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lz76af.a2cdn1.secureserver.net/wp-includes/css/dist/components/style.min.css?ver=6.6.2&time=1729591993
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5023d81cf7946ed0d3f1271e5fc1d583d77a75ef2ceb28450c2b22b8d56e9059
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

x-cacheproxy-retries
0/2
content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
x-cache-hit
HIT
expires
Sat, 23 Nov 2024 09:00:54 GMT
x-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-cache
cached
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
text/css
last-modified
Mon, 21 Oct 2024 08:42:10 GMT
vary
Accept-Encoding
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=2678400
cf-ray
8d708a165f960ce5-EWR
accept-ranges
bytes
content-length
12101
x-xss-protection
1; mode=block
server
cloudflare
x-php-version
8.0
latest.css
lz76af.a2cdn1.secureserver.net/wp-content/plugins/coblocks/includes/Dependencies/GoDaddy/Styles/build/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lz76af.a2cdn1.secureserver.net/wp-content/plugins/coblocks/includes/Dependencies/GoDaddy/Styles/build/latest.css?ver=2.0.2&time=1729591993
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470b8fe4451dab1ff2c7edeeb3091a932188b7acaa06d7e7187f9dd90947a553
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

x-cacheproxy-retries
0/2
content-encoding
gzip
cf-cache-status
HIT
etag
"3256-61e2ee7c325c6-gzip"
x-content-type-options
nosniff
x-cache-hit
HIT
expires
Sat, 23 Nov 2024 09:00:54 GMT
x-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-cache
cached
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
text/css
last-modified
Fri, 26 Jul 2024 23:31:05 GMT
vary
Accept-Encoding
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=2678400
cf-ray
8d708a165f950ce5-EWR
accept-ranges
bytes
content-length
1474
x-xss-protection
1; mode=block
server
cloudflare
x-php-version
8.0
6635fac4d95a529892c1f0b447b3b487.min.css
lz76af.a2cdn1.secureserver.net/wp-content/uploads/fusion-styles/ 		875 KB
133 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lz76af.a2cdn1.secureserver.net/wp-content/uploads/fusion-styles/6635fac4d95a529892c1f0b447b3b487.min.css?ver=3.11.10&time=1729591993
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
090b60f49997d90edc18ac7a323529cc8ed63d0d845894c7cdea6b8ab47e84a7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

x-cacheproxy-retries
0/2
content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
x-cache-hit
HIT
expires
Sat, 23 Nov 2024 09:00:54 GMT
x-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-cache
cached
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
text/css
last-modified
Thu, 03 Oct 2024 08:26:19 GMT
vary
Accept-Encoding
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=2678400
cf-ray
8d708a165f970ce5-EWR
accept-ranges
bytes
content-length
136001
x-xss-protection
1; mode=block
server
cloudflare
x-php-version
8.0
jquery.min.js
lz76af.a2cdn1.secureserver.net/wp-includes/js/jquery/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lz76af.a2cdn1.secureserver.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1&time=1729591993
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

x-cacheproxy-retries
0/2
content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
x-cache-hit
HIT
expires
Sat, 23 Nov 2024 09:00:54 GMT
x-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-cache
cached
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
text/javascript
last-modified
Mon, 21 Oct 2024 08:42:10 GMT
vary
Accept-Encoding
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=2678400
cf-ray
8d708a165f980ce5-EWR
accept-ranges
bytes
content-length
30368
x-xss-protection
1; mode=block
server
cloudflare
x-php-version
8.0
jquery-migrate.min.js
lz76af.a2cdn1.secureserver.net/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lz76af.a2cdn1.secureserver.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1&time=1729591993
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

x-cacheproxy-retries
0/2
content-encoding
gzip
cf-cache-status
HIT
etag
"3509-624f8a0f21401;5d30ec1be140e
x-content-type-options
nosniff
x-cache-hit
HIT
expires
Sat, 23 Nov 2024 09:00:54 GMT
x-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-cache
cached
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
text/javascript
last-modified
Mon, 21 Oct 2024 08:42:10 GMT
vary
Accept-Encoding
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=2678400
cf-ray
8d708a165f990ce5-EWR
accept-ranges
bytes
content-length
4872
x-xss-protection
1; mode=block
server
cloudflare
x-php-version
8.0
js
www.googletagmanager.com/gtag/ 		294 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-C290GFBBHP
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
640affd4497d8e74ca0ba001e76f070782fe37baa69f2b3a800570e58f3a91b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 23 Oct 2024 09:00:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102550
x-xss-protection
0
server
Google Tag Manager
GFM-Logo-HorizontalmAIN.png
lz76af.a2cdn1.secureserver.net/wp-content/uploads/2022/03/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lz76af.a2cdn1.secureserver.net/wp-content/uploads/2022/03/GFM-Logo-HorizontalmAIN.png
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d07d261ba44a85580ef131e2f163f5f10bdb116550adc9c199b6271da561770
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

x-cacheproxy-retries
0/2
cf-bgj
imgq:100,h2pri
etag
"3de8-5daeaa455ddda"
age
215632
cf-cache-status
HIT
x-content-type-options
nosniff
x-cache-hit
MISS
expires
Sat, 23 Nov 2024 09:00:54 GMT
x-cacheable
NO:Cache-Control=private
cf-polished
origSize=15848
x-cache
uncached
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
image/png
last-modified
Wed, 23 Mar 2022 22:56:37 GMT
vary
Accept-Encoding
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=2678400
cf-ray
8d708a165f9a0ce5-EWR
accept-ranges
bytes
content-length
13254
x-xss-protection
1; mode=block
server
cloudflare
x-php-version
8.0
btn.js
pro.riskalyze.com/hosted/v2/fb1180f98b752c77d441/rq/lt/lg/
Redirect Chain
  • https://www.riskalyze.com/hosted/v2/fb1180f98b752c77d441/rq/lt/lg/btn.js
  • https://nitrogenwealth.com/hosted/v2/fb1180f98b752c77d441/rq/lt/lg/btn.js
  • https://pro.riskalyze.com/hosted/v2/fb1180f98b752c77d441/rq/lt/lg/btn.js
27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pro.riskalyze.com/hosted/v2/fb1180f98b752c77d441/rq/lt/lg/btn.js
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H2
Server
2606:4700:10::6816:12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fb274b52f22f9e198378f6f7026e3d79241ea701f21949653bcfc3163ae7e40
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6a72-lNkykPq7E0nDW0vZKHH+RMlkhcY"
x-envoy-upstream-service-time
4
x-content-type-options
nosniff
cf-ray
8d708a1aeb121861-EWR
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 09:00:54 GMT
x-xss-protection
1; mode=block
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY

Redirect headers

location
https://pro.riskalyze.com/hosted/v2/fb1180f98b752c77d441/rq/lt/lg/btn.js
cf-cache-status
HIT
cf-ray
8d708a18d900236a-EWR
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
embed-widget-market-overview.js
s3.tradingview.com/external-embedding/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.tradingview.com/external-embedding/embed-widget-market-overview.js
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1207:2 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1207 /
Resource Hash
3825b8f61dd55e2d8f49472f5922c98f8e352643798015b198eb8422ad1c3858

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

cdn-status
200
access-control-max-age
3000
content-encoding
br
etag
"b5c7451ec27cd017fa71a7a6df285da5"
access-control-allow-methods
GET
date
Wed, 23 Oct 2024 09:00:54 GMT
last-modified
Tue, 22 Oct 2024 11:03:16 GMT
content-type
text/javascript
vary
Accept-Encoding
cdn-cache
HIT
x-amz-id-2
/UOoB1zGKeDqL4nca1XUoF9eKtbgqqo8Xd47kBqFPBoFN+EJT2iQQL2IiGqWIlMMHd/vy7xyVKY=
cdn-requestpullcode
200
cdn-cachedat
10/22/2024 11:03:35
cache-control
public, max-age=300
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
0e2daf09-b694-4906-9f20-7c3ca5f9a6a3
cdn-requestid
a916bf14a6c53182d45327679c59045e
cdn-pullzone
1837468
cdn-proxyver
1.04
x-amz-request-id
WVTXJCSRJPN4WKWP
access-control-allow-origin
*
cdn-edgestorageid
1069
server
BunnyCDN-IL1-1207
cdn-requestcountrycode
US
x-amz-server-side-encryption
AES256
dashicons.min.css
lz76af.a2cdn1.secureserver.net/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lz76af.a2cdn1.secureserver.net/wp-includes/css/dashicons.min.css?ver=6.6.2&time=1729591993
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

x-cacheproxy-retries
0/2
content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
x-cache-hit
HIT
expires
Sat, 23 Nov 2024 09:00:54 GMT
x-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-cache
cached
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
text/css
last-modified
Mon, 21 Oct 2024 08:42:10 GMT
vary
Accept-Encoding
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=2678400
cf-ray
8d708a16afa90ce5-EWR
accept-ranges
bytes
content-length
35730
x-xss-protection
1; mode=block
server
cloudflare
x-php-version
8.0
contact-card.css
lz76af.a2cdn1.secureserver.net/wp-content/plugins/business-profile/assets/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lz76af.a2cdn1.secureserver.net/wp-content/plugins/business-profile/assets/css/contact-card.css?ver=2.3.9&time=1729591993
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4717569f1fa3ef4c83ca905723fd0e6bad81e9be29b36f6ccc5f2817f5236ee7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

x-cacheproxy-retries
0/2
content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
x-cache-hit
HIT
expires
Sat, 23 Nov 2024 09:00:54 GMT
x-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-cache
cached
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
text/css
last-modified
Wed, 17 Jul 2024 00:26:13 GMT
vary
Accept-Encoding
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=2678400
cf-ray
8d708a176a391982-EWR
accept-ranges
bytes
content-length
1494
x-xss-protection
1; mode=block
server
cloudflare
x-php-version
8.0
style.min.css
lz76af.a2cdn1.secureserver.net/wp-includes/css/dist/block-library/ 		110 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lz76af.a2cdn1.secureserver.net/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2&time=1729591993
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

x-cacheproxy-retries
0/2
content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
x-cache-hit
HIT
expires
Sat, 23 Nov 2024 09:00:54 GMT
x-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-cache
cached
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
text/css
last-modified
Mon, 21 Oct 2024 08:42:10 GMT
vary
Accept-Encoding
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=2678400
cf-ray
8d708a17ba511982-EWR
accept-ranges
bytes
content-length
14840
x-xss-protection
1; mode=block
server
cloudflare
x-php-version
8.0
coblocks-animation.js
lz76af.a2cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/ 		407 B
589 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lz76af.a2cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/coblocks-animation.js?ver=3.1.13&time=1729591993
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f167ae1780938fa19464993733924d0d078d5f5ce7955a596a55c210cb36cc8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

x-cacheproxy-retries
0/2
content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
x-cache-hit
HIT
expires
Sat, 23 Nov 2024 09:00:54 GMT
x-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-cache
cached
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
text/javascript
last-modified
Fri, 26 Jul 2024 23:31:05 GMT
vary
Accept-Encoding
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=2678400
cf-ray
8d708a17ba541982-EWR
accept-ranges
bytes
content-length
242
x-xss-protection
1; mode=block
server
cloudflare
x-php-version
8.0
tiny-swiper.js
lz76af.a2cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/vendors/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lz76af.a2cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/vendors/tiny-swiper.js?ver=3.1.13&time=1729591993
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1c63396c6fb5d907ed689c0bda392011d3f177a7b599363c76bd323cd956f22
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

x-cacheproxy-retries
0/2
content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
x-cache-hit
HIT
expires
Sat, 23 Nov 2024 09:00:54 GMT
x-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-cache
cached
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
text/javascript
last-modified
Fri, 26 Jul 2024 23:31:05 GMT
vary
Accept-Encoding
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=2678400
cf-ray
8d708a17ca561982-EWR
accept-ranges
bytes
content-length
4268
x-xss-protection
1; mode=block
server
cloudflare
x-php-version
8.0
coblocks-tinyswiper-initializer.js
lz76af.a2cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lz76af.a2cdn1.secureserver.net/wp-content/plugins/coblocks/dist/js/coblocks-tinyswiper-initializer.js?ver=3.1.13&time=1729591993
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6043ee4a9960e025742c70262f22b6585271df6de2c4cc1148962fd5edc8c0b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

x-cacheproxy-retries
0/2
content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
x-cache-hit
HIT
expires
Sat, 23 Nov 2024 09:00:54 GMT
x-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-cache
cached
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
text/javascript
last-modified
Fri, 26 Jul 2024 23:31:05 GMT
vary
Accept-Encoding
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=2678400
cf-ray
8d708a17ca571982-EWR
accept-ranges
bytes
content-length
5374
x-xss-protection
1; mode=block
server
cloudflare
x-php-version
8.0
new-tab.js
lz76af.a2cdn1.secureserver.net/wp-content/plugins/page-links-to/dist/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lz76af.a2cdn1.secureserver.net/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.7&time=1729591993
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dceecf8eaa03968e40b767206be8a36a13d7444557fced227454ae4f100e5c9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

x-cacheproxy-retries
0/2
content-encoding
gzip
cf-cache-status
HIT
etag
"8687-6149b24f5ef04-gzip"
x-content-type-options
nosniff
x-cache-hit
HIT
expires
Sat, 23 Nov 2024 09:00:54 GMT
x-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-cache
cached
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
text/javascript
last-modified
Wed, 27 Mar 2024 02:27:12 GMT
vary
Accept-Encoding
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=2678400
cf-ray
8d708a17ca581982-EWR
accept-ranges
bytes
content-length
12612
x-xss-protection
1; mode=block
server
cloudflare
x-php-version
8.0
map.js
lz76af.a2cdn1.secureserver.net/wp-content/plugins/business-profile/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lz76af.a2cdn1.secureserver.net/wp-content/plugins/business-profile/assets/js/map.js?ver=2.3.9&time=1729591993
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0183e90d2bc4170c40d42fc1e95f0a306113eb8132855e0ba78418a395905d3d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

x-cacheproxy-retries
0/2
content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
x-cache-hit
HIT
expires
Sat, 23 Nov 2024 09:00:54 GMT
x-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-cache
cached
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
text/javascript
last-modified
Wed, 17 Jul 2024 00:26:13 GMT
vary
Accept-Encoding
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=2678400
cf-ray
8d708a17ca591982-EWR
accept-ranges
bytes
content-length
1460
x-xss-protection
1; mode=block
server
cloudflare
x-php-version
8.0
fe9b8cf5225daf95c4c70db28530a2d4.min.js
lz76af.a2cdn1.secureserver.net/wp-content/uploads/fusion-scripts/ 		519 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lz76af.a2cdn1.secureserver.net/wp-content/uploads/fusion-scripts/fe9b8cf5225daf95c4c70db28530a2d4.min.js?ver=3.11.10&time=1729591993
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d4a4230df27fb91a1fbd2cd45b9af84e76a794773f49b5925598f006a497969
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

x-cacheproxy-retries
0/2
content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
x-cache-hit
HIT
expires
Sat, 23 Nov 2024 09:00:54 GMT
x-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-cache
cached
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
text/javascript
last-modified
Thu, 03 Oct 2024 08:26:19 GMT
vary
Accept-Encoding
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=2678400
cf-ray
8d708a17ca5b1982-EWR
accept-ranges
bytes
content-length
139251
x-xss-protection
1; mode=block
server
cloudflare
x-php-version
8.0
7f287de6-5aff-417a-a6fc-f207ba2f28ff
https://gfmsafemoney.com/ Frame 		0
0
fbevents.js
connect.facebook.net/en_US/ 		228 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=23, mss=1232, tbw=5687, tp=10, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
8JRNtWxgFYGiMlOR3aITt1jkm9w22KwY/BLnM1y7aN+4dA/8FpWV5bNBfJz6VS+U+sDkpQx/mjoY7UoCDTHyTA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59508
x-xss-protection
0
origin-agent-cluster
?1
gtm.js
www.googletagmanager.com/ 		202 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M4DX4GH
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
165ccce9d301cac7eb5495a2d434df3b027f3935ac07639e2caa6113d665dd0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 23 Oct 2024 09:00:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
73304
x-xss-protection
0
server
Google Tag Manager
truncated
/ 		142 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
611a9291241b03a38692bb2a20d074c61f97ddf26bb961d46134181ed9904be6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
awb-icons.woff
gfmsafemoney.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfmsafemoney.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff
Requested by
Host: lz76af.a2cdn1.secureserver.net
URL: https://lz76af.a2cdn1.secureserver.net/wp-content/uploads/fusion-styles/6635fac4d95a529892c1f0b447b3b487.min.css?ver=3.11.10&time=1729591993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.72 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS
72.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
fb47dc68f6a457c14c33d2ed6eb1e8a635d007f8868ed7e90e39a6feae9141a6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gfmsafemoney.com
Referer
https://lz76af.a2cdn1.secureserver.net/

Response headers

x-cacheproxy-retries
0/2
etag
"5194-6213a2b83c98a"
age
46263
x-content-type-options
nosniff
x-cache-hit
HIT
x-cacheable
YES
x-cache
cached
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
font/woff
last-modified
Tue, 03 Sep 2024 17:13:02 GMT
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
x-backend
varnish_ssl
accept-ranges
bytes
access-control-allow-origin
*
content-length
20884
x-xss-protection
1; mode=block
server
openresty
x-php-version
8.0
JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
fonts.gstatic.com/s/bebasneue/v14/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
Requested by
Host: lz76af.a2cdn1.secureserver.net
URL: https://lz76af.a2cdn1.secureserver.net/wp-content/uploads/fusion-styles/6635fac4d95a529892c1f0b447b3b487.min.css?ver=3.11.10&time=1729591993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02f5dfc0c21e92f3c724260f035833e627513a1b91230cc490a1ea756c95e5e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gfmsafemoney.com
Referer
https://lz76af.a2cdn1.secureserver.net/

Response headers

age
25176
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 02:01:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 02:01:18 GMT
last-modified
Thu, 24 Aug 2023 21:28:06 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13820
x-xss-protection
0
server
sffe
fa-solid-900.woff2
gfmsafemoney.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfmsafemoney.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: lz76af.a2cdn1.secureserver.net
URL: https://lz76af.a2cdn1.secureserver.net/wp-content/uploads/fusion-styles/6635fac4d95a529892c1f0b447b3b487.min.css?ver=3.11.10&time=1729591993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.72 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS
72.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gfmsafemoney.com
Referer
https://lz76af.a2cdn1.secureserver.net/

Response headers

x-cacheproxy-retries
0/2
etag
"13184-6213a2b83b9ea"
age
46263
x-content-type-options
nosniff
x-cache-hit
HIT
x-cacheable
YES
x-cache
cached
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
font/woff2
last-modified
Tue, 03 Sep 2024 17:13:02 GMT
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
x-backend
varnish_ssl
accept-ranges
bytes
access-control-allow-origin
*
content-length
78212
x-xss-protection
1; mode=block
server
openresty
x-php-version
8.0
PbytFmztEwbIoce9zqY.woff2
fonts.gstatic.com/s/alata/v11/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/alata/v11/PbytFmztEwbIoce9zqY.woff2
Requested by
Host: lz76af.a2cdn1.secureserver.net
URL: https://lz76af.a2cdn1.secureserver.net/wp-content/uploads/fusion-styles/6635fac4d95a529892c1f0b447b3b487.min.css?ver=3.11.10&time=1729591993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
397c9b76a9b7d4015a71aaaa706af83775c960725c7e0941f3eb909bcf5aad08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gfmsafemoney.com
Referer
https://lz76af.a2cdn1.secureserver.net/

Response headers

age
33372
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 23:44:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 23:44:42 GMT
last-modified
Thu, 26 Sep 2024 23:21:30 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
39844
x-xss-protection
0
server
sffe
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: lz76af.a2cdn1.secureserver.net
URL: https://lz76af.a2cdn1.secureserver.net/wp-content/uploads/fusion-styles/6635fac4d95a529892c1f0b447b3b487.min.css?ver=3.11.10&time=1729591993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gfmsafemoney.com
Referer
https://lz76af.a2cdn1.secureserver.net/

Response headers

age
75439
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 12:03:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 12:03:35 GMT
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
47048
x-xss-protection
0
server
sffe
CdYQJjWGESs
www.youtube.com/embed/ Frame 96E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/CdYQJjWGESs?wmode=transparent&autoplay=0
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0c::5d Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfmsafemoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-tOGSS7IubdkWMp30i68c5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Oct 2024 09:00:54 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
197423648
player.vimeo.com/video/ Frame B7EB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/197423648?autoplay=0&autopause=0
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm.vhx.com/v2/fairplay/cert https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gfmsafemoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

CF-Cache-Status
DYNAMIC
CF-Ray
8d708a19e8fe43b3-EWR
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 23 Oct 2024 09:00:54 GMT
Expires
Fri, 15 Dec 1985 19:30:00 GMT
Link
<https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin, <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin
Server
cloudflare
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 varnish
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm.vhx.com/v2/fairplay/cert https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
x-backend-server
player-backend-edge-entry
x-bapp-server
player-backend-ccf669b8f-ckztf
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-host
player-backend-ccf669b8f-ckztf
x-player-backend
g
x-served-by
cache-lga21931-LGA
x-timer
S1729674055.724868,VS0,VE142
x-xss-protection
1; mode=block
truncated
/ 		136 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7f501482402c2d9f55aa80f577e39d941dff43909d29cc64b8d7c102d4e8dc3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		139 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46acfb25d947034af4faa8c613e5d4492b877042c3c7eb3bf3862a23665bee8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		142 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da7b83d07e24b88e621460f29cbd21afcc82204b13372bef86c363dd8d2677f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		139 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4b322419f3ebb3da4847fdb6b4ccfb63c1af9a8a763068d5ea779547a5b0907

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		142 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
858c7be5cc507aaca35b02d3a156a28b541a4ed8bca0be0bb295e5d4fc937df3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
PN_3Rfi-oW3hYwmKDpxS7F_D-dje.woff2
fonts.gstatic.com/s/nanumgothic/v23/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nanumgothic/v23/PN_3Rfi-oW3hYwmKDpxS7F_D-dje.woff2
Requested by
Host: lz76af.a2cdn1.secureserver.net
URL: https://lz76af.a2cdn1.secureserver.net/wp-content/uploads/fusion-styles/6635fac4d95a529892c1f0b447b3b487.min.css?ver=3.11.10&time=1729591993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08cf22bf32d06bb0425a7780a99c59a8ac6adf811868200f544c826873113bf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gfmsafemoney.com
Referer
https://lz76af.a2cdn1.secureserver.net/

Response headers

age
34246
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 23:30:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 23:30:08 GMT
last-modified
Thu, 24 Aug 2023 17:50:44 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
17108
x-xss-protection
0
server
sffe
jizOREVItHgc8qDIbSTKq4XkRg8T88bjFuXOnduhLsSkANDJ.woff2
fonts.gstatic.com/s/librefranklin/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librefranklin/v18/jizOREVItHgc8qDIbSTKq4XkRg8T88bjFuXOnduhLsSkANDJ.woff2
Requested by
Host: lz76af.a2cdn1.secureserver.net
URL: https://lz76af.a2cdn1.secureserver.net/wp-content/uploads/fusion-styles/6635fac4d95a529892c1f0b447b3b487.min.css?ver=3.11.10&time=1729591993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e71a555be845e1436856523def55b700a2515be6a5e41f30d7e32dd7940b8aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gfmsafemoney.com
Referer
https://lz76af.a2cdn1.secureserver.net/

Response headers

age
565977
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 19:47:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 19:47:57 GMT
last-modified
Thu, 26 Sep 2024 23:07:09 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15148
x-xss-protection
0
server
sffe
1051858155212487
connect.facebook.net/signals/config/ 		79 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1051858155212487?v=2.9.173&r=stable&domain=gfmsafemoney.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2b772a87c62bff5cd31dbd1d07e6d76d91b6a11eda21fb47bff312afd9a20477
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 09:00:54 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=104, rtx=0, c=45, mss=1232, tbw=68921, tp=66, tpl=0, uplat=2, ullat=-1
pragma
public
x-fb-debug
pQkpxwJNyB7F7vEejSJsbFz5tbdbx1XYyeQ/Ks04ws3FgJKT7aMEJzhoV/Y6QXna9TMV1A4TPWIKmpUKiqwfNw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
16622
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-C290GFBBHP&gtm=45je4ah0v886398727za200&_p=1729674054339&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685~101794736~101823847&gdid=dZTNiMT&cid=82870848.1729674055&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729674054&sct=1&seg=0&dl=https%3A%2F%2Fgfmsafemoney.com%2F&dt=Carmel%20Financial%20Advisor%20%7C%20Global%20Fund%20Management%20LLC&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1151
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C290GFBBHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://gfmsafemoney.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 09:00:55 GMT
content-type
text/plain
server
Golfe2
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1051858155212487&ev=PageView&dl=https%3A%2F%2Fgfmsafemoney.com&rl=&if=false&ts=1729674054882&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=4124&fbp=fb.1.1729674054873.599857087343907806&cs_est=true&pm=1&hrl=455926&ler=empty&cdl=API_unavailable&it=1729674054748&coo=false&cs_cc=1&cas=7753375328039305&exp=h2&rqm=GET
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1392, tbw=2913, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 23 Oct 2024 09:00:55 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1051858155212487&ev=PageView&dl=https%3A%2F%2Fgfmsafemoney.com&rl=&if=false&ts=1729674054882&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=4124&fbp=fb.1.1729674054873.599857087343907806&cs_est=true&pm=1&hrl=455926&ler=empty&cdl=API_unavailable&it=1729674054748&coo=false&cs_cc=1&cas=7753375328039305&exp=h2&rqm=FGET
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428893498979962601"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 09:00:55 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
+aJzyrLx9Wi1vesSUY4oyq7seaYsBMdKQIwpTT5q/yYetQDzcggPTfweHqeGrhJt7KISiQ/7F8UJlR+MrRgmxA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428893498979962601", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=16, rtx=0, c=10, mss=1392, tbw=3230, tp=-1, tpl=-1, uplat=90, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
css
fonts.googleapis.com/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,700
Requested by
Host: www.riskalyze.com
URL: https://www.riskalyze.com/hosted/v2/fb1180f98b752c77d441/rq/lt/lg/btn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a3121ffab6d4281d64a6ac17a2e87cd42f600940538a8d0b7a85386bf7ae1aa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 09:00:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 09:00:55 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 23 Oct 2024 09:00:55 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
risk-button.css
content.riskalyze.com/apps/general/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://content.riskalyze.com/apps/general/risk-button.css
Requested by
Host: www.riskalyze.com
URL: https://www.riskalyze.com/hosted/v2/fb1180f98b752c77d441/rq/lt/lg/btn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2015:b800:1a:451c:1f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
348e3d56fb222259e4240cbe8562fe2a1d63e8c83ff5a449a22b11640296a439

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

content-encoding
gzip
etag
W/"b80d9bbb05aa00dd6c944f4a879c878b"
x-amz-version-id
l9mKL5MpeJ.LrXjHAoKQ2TE3vDc0mtB3
age
68279
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
yERadtSiniFZsTolDRt1HJ976PqaXOvAVHRsQgwcU3k6Sh0mHQHCjQ==
date
Tue, 22 Oct 2024 14:03:47 GMT
content-type
text/css
vary
Accept-Encoding, Origin
last-modified
Tue, 27 Jun 2023 18:14:49 GMT
cache-control
public, max-age=3600
via
1.1 f63a9bb4aae02f02eec90d4f5c360d60.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
truncated
/ 		142 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
491b111c816cb10ccf81313e2d5253f1aab27730c6ead32c4110134548cf9ae9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
/
www.tradingview-widget.com/embed-widget/market-overview/ Frame D070 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tradingview-widget.com/embed-widget/market-overview/?locale=en
Requested by
Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-market-overview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none'; default-src 'self' https: data: blob: wss: 'unsafe-inline'; script-src https://static.tradingview.com/static/ blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://platform.x.com https://songbird.cardinalcommerce.com/edge/v1/ https://checkout.razorpay.com/ https://cdn.checkout.com/ https://www.tradingview-widget.com/static/bundles/embed/ 'nonce-7gMFhUXoASDfH6oP699ggQ=='; base-uri 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gfmsafemoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
max-age=120
cdn-cache
HIT
cdn-cachedat
10/23/2024 08:59:10
cdn-edgestorageid
925
cdn-proxyver
1.04
cdn-pullzone
2118568
cdn-requestcountrycode
US
cdn-requestid
d9915a5aaf67ce7ceb03d812442d5964
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-status
200
cdn-uid
0e2daf09-b694-4906-9f20-7c3ca5f9a6a3
content-encoding
br
content-security-policy
object-src 'none'; default-src 'self' https: data: blob: wss: 'unsafe-inline'; script-src https://static.tradingview.com/static/ blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://platform.x.com https://songbird.cardinalcommerce.com/edge/v1/ https://checkout.razorpay.com/ https://cdn.checkout.com/ https://www.tradingview-widget.com/static/bundles/embed/ 'nonce-7gMFhUXoASDfH6oP699ggQ=='; base-uri 'none'
content-type
text/html; charset=utf-8
date
Wed, 23 Oct 2024 09:00:55 GMT
expires
Wed, 23 Oct 2024 09:00:25 GMT
referrer-policy
origin-when-cross-origin
server
BunnyCDN-ASB1-925
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
blueeagle-scaled.jpg
gfmsafemoney.com/wp-content/uploads/2022/03/ 		171 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gfmsafemoney.com/wp-content/uploads/2022/03/blueeagle-scaled.jpg
Requested by
Host: lz76af.a2cdn1.secureserver.net
URL: https://lz76af.a2cdn1.secureserver.net/wp-content/uploads/fusion-styles/6635fac4d95a529892c1f0b447b3b487.min.css?ver=3.11.10&time=1729591993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.71.233.72 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US),
Reverse DNS
72.233.71.198.host.secureserver.net
Software
openresty /
Resource Hash
c283413e8bd1502530c1d3ab4962d0d8acb7ec848ae7e37ff6ec013a3f22844a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lz76af.a2cdn1.secureserver.net/

Response headers

x-cacheproxy-retries
0/2
etag
"2abe4-60a501c4dac58"
age
0
x-content-type-options
nosniff
x-cache-hit
MISS
expires
Thu, 23 Oct 2025 09:00:55 GMT
x-cacheable
NO:Cache-Control=private
x-cache
uncached
date
Wed, 23 Oct 2024 09:00:55 GMT
content-type
image/webp
last-modified
Fri, 17 Nov 2023 02:44:08 GMT
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
private, max-age=31536000
x-backend
varnish_ssl
accept-ranges
bytes
content-length
175076
x-xss-protection
1; mode=block
server
openresty
x-php-version
8.0
truncated
/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gfmsafemoney.com
Referer

Response headers

Content-Type
application/x-font-woff;charset=utf-8
Toolkit2022c.png
lz76af.a2cdn1.secureserver.net/wp-content/uploads/2022/03/ 		307 KB
307 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lz76af.a2cdn1.secureserver.net/wp-content/uploads/2022/03/Toolkit2022c.png
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd7e5407a32cc6b13f40141b3a5010d684088d3e3210fe87b5824b71e40532df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

x-cacheproxy-retries
0/2
cf-cache-status
HIT
etag
"4cbf4-5db6ec1c440c6"
x-content-type-options
nosniff
x-cache-hit
MISS
expires
Sat, 23 Nov 2024 09:00:55 GMT
x-cacheable
NO:Cache-Control=private
alt-svc
h3=":443"; ma=86400
x-cache
uncached
date
Wed, 23 Oct 2024 09:00:55 GMT
content-type
image/png
last-modified
Wed, 30 Mar 2022 12:33:47 GMT
vary
Accept-Encoding
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=2678400
cf-ray
8d708a1cdc361982-EWR
accept-ranges
bytes
content-length
314356
x-xss-protection
1; mode=block
server
cloudflare
x-php-version
8.0
wp-emoji-release.min.js
lz76af.a2cdn1.secureserver.net/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lz76af.a2cdn1.secureserver.net/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2&time=1729591993
Requested by
Host: gfmsafemoney.com
URL: https://gfmsafemoney.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

x-cacheproxy-retries
0/2
content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
x-cache-hit
HIT
expires
Sat, 23 Nov 2024 09:00:55 GMT
x-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-cache
cached
date
Wed, 23 Oct 2024 09:00:55 GMT
content-type
text/javascript
last-modified
Mon, 21 Oct 2024 08:42:11 GMT
vary
Accept-Encoding
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=2678400
cf-ray
8d708a1cec371982-EWR
accept-ranges
bytes
content-length
5062
x-xss-protection
1; mode=block
server
cloudflare
x-php-version
8.0
js
maps.googleapis.com/maps/api/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?v=3.exp&callback=bp_initialize_map&loading=async&key=AIzaSyC-0jbnXKIDTC1B5eYvgZZS6UZZc0bvdWg
Requested by
Host: lz76af.a2cdn1.secureserver.net
URL: https://lz76af.a2cdn1.secureserver.net/wp-content/plugins/business-profile/assets/js/map.js?ver=2.3.9&time=1729591993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
0da72c1e0bc77e88ea162db12f60477030e952ee7507f7e562997aea30766f76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

cache-control
public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
gzip
etag
53569c9c
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2386
date
Wed, 23 Oct 2024 09:00:55 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
vary
Accept-Language, Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: lz76af.a2cdn1.secureserver.net
URL: https://lz76af.a2cdn1.secureserver.net/wp-content/uploads/fusion-scripts/fe9b8cf5225daf95c4c70db28530a2d4.min.js?ver=3.11.10&time=1729591993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0c::5b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d426094c168051f30c71c81f5a51fe910cd31d2cdb2138d71ea0db1029c1186f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

content-encoding
br
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options
nosniff
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires
Wed, 23 Oct 2024 09:00:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 09:00:55 GMT
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport
cache-control
private, max-age=0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-tLL2GnIcg-LluJbSXPhXOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
x-xss-protection
0
server
ESF
unknown-risk-number.png
content.riskalyze.com/apps/pro/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.riskalyze.com/apps/pro/images/unknown-risk-number.png
Requested by
Host: content.riskalyze.com
URL: https://content.riskalyze.com/apps/general/risk-button.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2015:b800:1a:451c:1f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7223f55b02c7bad3f33950b94726fec50a163d2a98b1348d65d77747f835fc7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://content.riskalyze.com/apps/general/risk-button.css

Response headers

x-amz-version-id
rbkF3KTzsdiMF9IWrmcUo7fmk5PkM8Ox
etag
"dd5aa9790e0ad209927f65eef21c9d02"
age
3378
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Xsu5iXh51sj8LQZe13blBm1nSGyyhQK0M1MiJjoqC2Em5kCVeY7s7Q==
date
Wed, 23 Oct 2024 08:04:58 GMT
content-type
image/png
vary
Accept-Encoding, Origin
last-modified
Wed, 21 Jun 2023 14:57:39 GMT
cache-control
public, max-age=3600
via
1.1 f63a9bb4aae02f02eec90d4f5c360d60.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1597
x-amz-cf-pop
IAD66-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gfmsafemoney.com
Referer
https://fonts.googleapis.com/

Response headers

age
88228
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 08:30:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 08:30:27 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
main.js
maps.googleapis.com/maps-api-v3/api/js/58/8/ 		222 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/58/8/main.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3.exp&callback=bp_initialize_map&loading=async&key=AIzaSyC-0jbnXKIDTC1B5eYvgZZS6UZZc0bvdWg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10ff6394ac24d87dfd6cc86b1dcc8558b94225ebf4e0fecbf82e3a801c00073a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

content-encoding
br
age
8194
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 06:44:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 06:44:21 GMT
last-modified
Mon, 07 Oct 2024 22:41:34 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
66509
x-xss-protection
0
server
sffe
www-widgetapi.js
www.youtube.com/s/player/a62d836d/www-widgetapi.vflset/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/a62d836d/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0c::5b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f2c4bcb919e31182646d5e52650914f15a9cc8ff0847d30c4dc4adcd4c2653c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

content-encoding
br
age
1219
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 08:40:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 08:40:36 GMT
last-modified
Mon, 21 Oct 2024 04:28:38 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
10288
x-xss-protection
0
server
sffe
graynben.jpg
lz76af.a2cdn1.secureserver.net/wp-content/uploads/2023/07/ 		0
0
gPvu7u1cR2s
www.youtube.com/embed/ Frame 6BCC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/gPvu7u1cR2s?autohide=1&autoplay=1&fs=0&showinfo=0&modestBranding=1&start=0&controls=0&rel=0&disablekb=1&iv_load_policy=3&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fgfmsafemoney.com&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a62d836d/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0c::5d Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfmsafemoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-qP7ohOCI6XGxNElYPWz_3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Oct 2024 09:00:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/58/8/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

cache-control
private
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://gfmsafemoney.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
date
Wed, 23 Oct 2024 09:00:55 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
embed
www.google.com/maps/ Frame 8F2E
Redirect Chain
  • https://maps.google.com/maps?output=embed&q=11495%20Pennsylvania%20St%2C%20Unit%20240%0ACarmel%2C%20IN%2046032
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m2!2m1!1s11495+Pennsylvania+St,+Unit+240%0ACarmel,+IN+46032
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/maps/embed?origin=mfe&pb=!1m2!2m1!1s11495+Pennsylvania+St,+Unit+240%0ACarmel,+IN+46032
Requested by
Host: lz76af.a2cdn1.secureserver.net
URL: https://lz76af.a2cdn1.secureserver.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1&time=1729591993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-sXUwgxtJwtzA4l4Zwtv5Gw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfmsafemoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
965
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-sXUwgxtJwtzA4l4Zwtv5Gw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Wed, 23 Oct 2024 09:00:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Accept-Language Origin X-Origin Referer
x-content-type-options
nosniff
x-robots-tag
noindex,nofollow
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 23 Oct 2024 09:00:55 GMT
location
https://www.google.com/maps/embed?origin=mfe&pb=!1m2!2m1!1s11495+Pennsylvania+St,+Unit+240%0ACarmel,+IN+46032
server
scaffolding on HTTPServer2
vary
Origin X-Origin Referer
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
embed
www.google.com/maps/ Frame 123D
Redirect Chain
  • https://maps.google.com/maps?output=embed&q=3701%20Algonquin%20Road%2C%20Suite%20150%0ARolling%20Meadows%2C%20IL
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m2!2m1!1s3701+Algonquin+Road,+Suite+150%0ARolling+Meadows,+IL
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/maps/embed?origin=mfe&pb=!1m2!2m1!1s3701+Algonquin+Road,+Suite+150%0ARolling+Meadows,+IL
Requested by
Host: lz76af.a2cdn1.secureserver.net
URL: https://lz76af.a2cdn1.secureserver.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1&time=1729591993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-PaNhY9dobbYSxYGpZxNw8g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfmsafemoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
965
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-PaNhY9dobbYSxYGpZxNw8g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Wed, 23 Oct 2024 09:00:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Accept-Language Origin X-Origin Referer
x-content-type-options
nosniff
x-robots-tag
noindex,nofollow
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 23 Oct 2024 09:00:55 GMT
location
https://www.google.com/maps/embed?origin=mfe&pb=!1m2!2m1!1s3701+Algonquin+Road,+Suite+150%0ARolling+Meadows,+IL
server
scaffolding on HTTPServer2
vary
Origin X-Origin Referer
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
icon-66x66.png
lz76af.a2cdn1.secureserver.net/wp-content/uploads/2022/03/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://lz76af.a2cdn1.secureserver.net/wp-content/uploads/2022/03/icon-66x66.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26b5fc22abed54a4c21045e28c30c562c0ec8df57e0957401e974c003d2ba128
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

x-cacheproxy-retries
0/2
cf-cache-status
HIT
etag
"4dc-5dbc74a1b930d"
x-content-type-options
nosniff
x-cache-hit
MISS
expires
Thu, 23 Oct 2025 09:00:56 GMT
x-cacheable
NO:Cache-Control=private
alt-svc
h3=":443"; ma=86400
x-cache
uncached
date
Wed, 23 Oct 2024 09:00:56 GMT
content-type
image/webp
last-modified
Sun, 03 Apr 2022 22:11:11 GMT
vary
Accept-Encoding
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=31536000
cf-ray
8d708a26f81e1982-EWR
accept-ranges
bytes
content-length
1244
x-xss-protection
1; mode=block
server
cloudflare
x-php-version
8.0
logowishtv-1.png
lz76af.a2cdn1.secureserver.net/wp-content/uploads/2023/07/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lz76af.a2cdn1.secureserver.net/wp-content/uploads/2023/07/logowishtv-1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a692755fb773102b7e78d129806ed22bf3477321590c90e9458a59509f554353
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

x-cacheproxy-retries
0/2
cf-cache-status
HIT
etag
"836-5ffc0fbb87d32"
x-content-type-options
nosniff
x-cache-hit
MISS
expires
Sat, 23 Nov 2024 09:00:56 GMT
x-cacheable
NO:Cache-Control=private
alt-svc
h3=":443"; ma=86400
x-cache
uncached
date
Wed, 23 Oct 2024 09:00:56 GMT
content-type
image/png
last-modified
Wed, 05 Jul 2023 17:46:45 GMT
vary
Accept-Encoding
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=2678400
cf-ray
8d708a27583c1982-EWR
accept-ranges
bytes
content-length
2102
x-xss-protection
1; mode=block
server
cloudflare
x-php-version
8.0
torn.png
lz76af.a2cdn1.secureserver.net/wp-content/uploads/2022/03/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lz76af.a2cdn1.secureserver.net/wp-content/uploads/2022/03/torn.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cc452c7cb5076fb2526dfffd6a22a9b37eff7e7c43a5195ae85981fbe050c7b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

x-cacheproxy-retries
0/2
cf-cache-status
HIT
etag
"2631-5db4f398c290f"
x-content-type-options
nosniff
x-cache-hit
MISS
expires
Sat, 23 Nov 2024 09:00:56 GMT
x-cacheable
NO:Cache-Control=private
alt-svc
h3=":443"; ma=86400
x-cache
uncached
date
Wed, 23 Oct 2024 09:00:56 GMT
content-type
image/png
last-modified
Mon, 28 Mar 2022 22:56:37 GMT
vary
Accept-Encoding
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=2678400
cf-ray
8d708a27583d1982-EWR
accept-ranges
bytes
content-length
9777
x-xss-protection
1; mode=block
server
cloudflare
x-php-version
8.0
unnamed-1.gif
lz76af.a2cdn1.secureserver.net/wp-content/uploads/2023/07/ 		177 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lz76af.a2cdn1.secureserver.net/wp-content/uploads/2023/07/unnamed-1.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f08cf90d81e9f71f732c33c289b5d743e3b1ee0d2a9596ad2cf961d6c171d64e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

x-cacheproxy-retries
0/2
cf-bgj
imgq:100,h2pri
etag
"3da97-5ffc0f72cebcc"
cf-cache-status
HIT
x-content-type-options
nosniff
x-cache-hit
HIT
expires
Sat, 23 Nov 2024 09:00:57 GMT
x-cacheable
YES
cf-polished
origSize=252567
x-cache
cached
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 09:00:57 GMT
content-type
image/gif
last-modified
Wed, 05 Jul 2023 17:45:29 GMT
vary
Accept-Encoding
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=2678400
cf-ray
8d708a28287b1982-EWR
accept-ranges
bytes
content-length
181640
x-xss-protection
1; mode=block
server
cloudflare
x-php-version
8.0
common.js
maps.googleapis.com/maps-api-v3/api/js/58/8/ 		290 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/58/8/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/58/8/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

content-encoding
br
age
10067
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 06:13:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 06:13:13 GMT
last-modified
Mon, 07 Oct 2024 22:41:34 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
63684
x-xss-protection
0
server
sffe
util.js
maps.googleapis.com/maps-api-v3/api/js/58/8/ 		181 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/58/8/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/58/8/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155a63398db8c5c1b194b5b8a33cc503a31815fcff318eaf61a684197da8613f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gfmsafemoney.com/

Response headers

content-encoding
br
age
2063
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 08:26:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 08:26:37 GMT
last-modified
Mon, 07 Oct 2024 22:41:34 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
56393
x-xss-protection
0
server
sffe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gfmsafemoney.com
URL
blob:https://gfmsafemoney.com/7f287de6-5aff-417a-a6fc-f207ba2f28ff
Domain
lz76af.a2cdn1.secureserver.net
URL
https://lz76af.a2cdn1.secureserver.net/wp-content/uploads/2023/07/graynben.jpg

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| _wpemojiSettings function| jQuery function| gtag object| dataLayer object| doc function| fbq function| _fbq object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| _rsk object| scripts number| index object| scr object| btncontainer function| rsk_init_button function| fancybox_port_init function| rsk_load object| coblocksTinyswiper object| bpfwp_map function| bpInitializeMap function| bp_initialize_map object| cssua object| fusionJSVars object| fusion function| Swiper object| fusionLightboxVideoVars function| _fusionRefreshScroll function| _fusionParallaxAll function| _fusionRefreshWindow object| fusionVideoGeneralVars function| playVideoAndPauseOthers object| fusionVideoBgVars object| $youtubeBGVideos function| _fbRowGetAllElementsWithAttribute function| _fbRowOnPlayerReady function| _fbRowOnPlayerStateChange function| resizeVideo function| vimeoReady function| fusionInitVimeoPlayers object| fusionLightboxVars function| avadaLightBoxInitializeLightbox object| fusionTimeout function| registerYoutubePlayers function| onPlayerReady function| loadYoutubeIframeAPI function| onYouTubePlayerAPIReadyCallback function| onPlayerStateChange function| ytVidId function| insertParam function| fusionYouTubeTimeout function| checkHoverTouchState function| avadaAddQuantityBoxes function| compositeAddQuantityBoxes function| fusionResizeCrossfadeImagesContainer function| calcSelectArrowDimensions object| fusionFlexSliderVars function| fusionInitPostFlexSlider function| fusionDestroyPostFlexSlider function| fusionFlexSliderStrToBool object| fusionAnimationsVars function| fusionSetAnimationData function| vimeoLiteAddPrefetch function| vimeoLiteCanUseWebP function| vimeoLiteGetThumbnailDimensions object| fusionContainerVars function| fusionInitStickyContainers function| fusionInitSticky function| fusionGetStickyOffset function| fusionIsWholeElementInViewport function| initSwiperScrollingSection function| initScrollingSections function| setCorrectResizeValuesForScrollSections function| scrollToCurrentScrollSection function| getScrollSectionPositionValues object| avadaSelectVars function| addAvadaSelectStyles function| removeAvadaSelectStyles object| avadaToTopVars function| avadaUpdateToTopPostion object| avadaMenuVars function| resizeOverlaySearch object| avadaHeaderVars function| fusionDisableStickyHeader function| fusionInitStickyHeader function| getStickyHeaderHeight function| fusionGetScrollOffset object| fusionTypographyVars function| fusionCalculateResponsiveTypeValues function| fusionSetOriginalTypographyData function| fusionInitTypography object| fusionScrollToAnchorVars function| awbScrollToTarget object| fusionVideoVars function| fusionInitStickyColumns object| html5 object| Modernizr object| browserPrefixes object| _fusionImageParallaxImages object| avadaLightBox object| $ilInstances function| onYouTubePlayerAPIReady function| YTReady object| Vimeo boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| lazySizes object| awbAnimationObservers function| awbScrollSpy string| responsiveTypeElements boolean| yt_vid_exists object| $youtube_players number| _fusionWindowHeight number| _fusionWindowWidth object| twemoji object| wp object| google object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| fusionVimeoPlayers

9 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: Dv-s-6uZa7g
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: JAE2Z4hKzKA
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJVUxIEGgAgOw%3D%3D
.gfmsafemoney.com/ Name: _ga_C290GFBBHP
Value: GS1.1.1729674054.1.0.1729674054.0.0.0
.gfmsafemoney.com/ Name: _ga
Value: GA1.1.82870848.1729674055
.gfmsafemoney.com/ Name: _fbp
Value: fb.1.1729674054873.599857087343907806
.vimeo.com/ Name: vuid
Value: pl942012605.42812803
.vimeo.com/ Name: __cf_bm
Value: IheXAbBkMDkLOjHV70QHv4m67L57Df3DiChSokhHNoI-1729674055-1.0.1.1-GhSPoxtG4MA1PuQj0DzJKG0__bV9zFnJdDEtwMj_rXtUPYnz_b_N1.uJUjgxzRBT
.vimeo.com/ Name: _cfuvid
Value: hgAvCe0.9Br146ezzCH052k.1vhfXBaxPVm_AX9GHAQ-1729674055724-0.0.1.1-604800000

2 Console Messages

Source Level URL
Text
other warning URL: https://gfmsafemoney.com/(Line 222)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
other warning URL: https://www.youtube.com/s/player/a62d836d/www-widgetapi.vflset/www-widgetapi.js(Line 192)
Message:
Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
content.riskalyze.com
fonts.googleapis.com
fonts.gstatic.com
gfmsafemoney.com
lz76af.a2cdn1.secureserver.net
maps.google.com
maps.googleapis.com
nitrogenwealth.com
player.vimeo.com
pro.riskalyze.com
s3.tradingview.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.riskalyze.com
www.tradingview-widget.com
www.youtube.com
gfmsafemoney.com
lz76af.a2cdn1.secureserver.net
162.159.128.61
162.159.135.45
198.71.233.72
2400:52e0:1a00::1207:2
2600:9000:2015:b800:1a:451c:1f80:93a1
2606:4700:10::6816:12
2606:4700:20::ac43:48ef
2607:f8b0:4004:c17::69
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c1b::5f
2607:f8b0:400d:c03::64
2607:f8b0:400d:c0b::5e
2607:f8b0:400d:c0b::71
2607:f8b0:400d:c0c::5b
2607:f8b0:400d:c0c::5d
2607:f8b0:400d:c0d::61
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
37.19.207.34
0183e90d2bc4170c40d42fc1e95f0a306113eb8132855e0ba78418a395905d3d
02f5dfc0c21e92f3c724260f035833e627513a1b91230cc490a1ea756c95e5e5
08cf22bf32d06bb0425a7780a99c59a8ac6adf811868200f544c826873113bf4
090b60f49997d90edc18ac7a323529cc8ed63d0d845894c7cdea6b8ab47e84a7
0da72c1e0bc77e88ea162db12f60477030e952ee7507f7e562997aea30766f76
0e71a555be845e1436856523def55b700a2515be6a5e41f30d7e32dd7940b8aa
10ff6394ac24d87dfd6cc86b1dcc8558b94225ebf4e0fecbf82e3a801c00073a
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
155a63398db8c5c1b194b5b8a33cc503a31815fcff318eaf61a684197da8613f
165ccce9d301cac7eb5495a2d434df3b027f3935ac07639e2caa6113d665dd0a
26b5fc22abed54a4c21045e28c30c562c0ec8df57e0957401e974c003d2ba128
2b772a87c62bff5cd31dbd1d07e6d76d91b6a11eda21fb47bff312afd9a20477
2f167ae1780938fa19464993733924d0d078d5f5ce7955a596a55c210cb36cc8
348e3d56fb222259e4240cbe8562fe2a1d63e8c83ff5a449a22b11640296a439
3825b8f61dd55e2d8f49472f5922c98f8e352643798015b198eb8422ad1c3858
397c9b76a9b7d4015a71aaaa706af83775c960725c7e0941f3eb909bcf5aad08
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
46acfb25d947034af4faa8c613e5d4492b877042c3c7eb3bf3862a23665bee8a
470b8fe4451dab1ff2c7edeeb3091a932188b7acaa06d7e7187f9dd90947a553
4717569f1fa3ef4c83ca905723fd0e6bad81e9be29b36f6ccc5f2817f5236ee7
491b111c816cb10ccf81313e2d5253f1aab27730c6ead32c4110134548cf9ae9
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5023d81cf7946ed0d3f1271e5fc1d583d77a75ef2ceb28450c2b22b8d56e9059
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
57ea4bd5a667cb7df2db03ab6ea56c2798bf504a22804bd7b97a985916fb8f97
611a9291241b03a38692bb2a20d074c61f97ddf26bb961d46134181ed9904be6
640affd4497d8e74ca0ba001e76f070782fe37baa69f2b3a800570e58f3a91b7
6cc452c7cb5076fb2526dfffd6a22a9b37eff7e7c43a5195ae85981fbe050c7b
6d07d261ba44a85580ef131e2f163f5f10bdb116550adc9c199b6271da561770
6d4a4230df27fb91a1fbd2cd45b9af84e76a794773f49b5925598f006a497969
6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f
6dceecf8eaa03968e40b767206be8a36a13d7444557fced227454ae4f100e5c9
7fb274b52f22f9e198378f6f7026e3d79241ea701f21949653bcfc3163ae7e40
858c7be5cc507aaca35b02d3a156a28b541a4ed8bca0be0bb295e5d4fc937df3
8f2c4bcb919e31182646d5e52650914f15a9cc8ff0847d30c4dc4adcd4c2653c
a3121ffab6d4281d64a6ac17a2e87cd42f600940538a8d0b7a85386bf7ae1aa8
a692755fb773102b7e78d129806ed22bf3477321590c90e9458a59509f554353
a7223f55b02c7bad3f33950b94726fec50a163d2a98b1348d65d77747f835fc7
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9
b6043ee4a9960e025742c70262f22b6585271df6de2c4cc1148962fd5edc8c0b
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c283413e8bd1502530c1d3ab4962d0d8acb7ec848ae7e37ff6ec013a3f22844a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d1c63396c6fb5d907ed689c0bda392011d3f177a7b599363c76bd323cd956f22
d426094c168051f30c71c81f5a51fe910cd31d2cdb2138d71ea0db1029c1186f
d4b322419f3ebb3da4847fdb6b4ccfb63c1af9a8a763068d5ea779547a5b0907
d7f501482402c2d9f55aa80f577e39d941dff43909d29cc64b8d7c102d4e8dc3
da7b83d07e24b88e621460f29cbd21afcc82204b13372bef86c363dd8d2677f4
dd7e5407a32cc6b13f40141b3a5010d684088d3e3210fe87b5824b71e40532df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
f08cf90d81e9f71f732c33c289b5d743e3b1ee0d2a9596ad2cf961d6c171d64e
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
fb47dc68f6a457c14c33d2ed6eb1e8a635d007f8868ed7e90e39a6feae9141a6