www.countryfinancial.com Open in urlscan Pro
208.74.230.119 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cl.s11.exct.net/?qs=d9ee6eb51e4cf2a404ca9bcc1712635a756d353d18fa439eb88870765a139d5ac3141ce51d78f6f30d402302488d...
Effective URL:
https://www.countryfinancial.com/en/about-us/who-we-are.html
Submission: On April 21 via manual (April 21st 2021, 2:17:35 pm UTC) from US

Summary HTTP 69 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 22 domains to perform 69 HTTP transactions. The main IP is 208.74.230.119, located in Bloomington, United States and belongs to COUNTRY-INSURANCE, US. The main domain is www.countryfinancial.com.
TLS certificate: Issued by Entrust Certification Authority - L1F on March 12th 2021. Valid for: a year.

This is the only time www.countryfinancial.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.71.12 13.111.71.12	22606 (EXACT-7) (EXACT-7)
22	208.74.230.119 208.74.230.119	10511 (COUNTRY-I...) (COUNTRY-INSURANCE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:710... 2a02:26f0:7100:1b7::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f013:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	35.181.18.61 35.181.18.61	16509 (AMAZON-02) (AMAZON-02)
1	52.51.251.137 52.51.251.137	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	52.30.135.179 52.30.135.179	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	18.200.157.96 18.200.157.96	16509 (AMAZON-02) (AMAZON-02)
1 1	99.81.11.244 99.81.11.244	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:180::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.224.89.207 13.224.89.207	16509 (AMAZON-02) (AMAZON-02)
1	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f11... 2a03:2880:f113:81:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	2620:119:50e4... 2620:119:50e4:101::6cae:b55	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.224.100.124 13.224.100.124	16509 (AMAZON-02) (AMAZON-02)
3	54.162.154.79 54.162.154.79	14618 (AMAZON-AES) (AMAZON-AES)
1	52.210.90.219 52.210.90.219	16509 (AMAZON-02) (AMAZON-02)
69	25

1 13.111.71.12 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: cl.s11.exct.net

cl.s11.exct.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 208.74.230.119 (Bloomington, United States)

ASN10511 (COUNTRY-INSURANCE, US)
PTR: countryfinancialblog.com

www.countryfinancial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:7100:1b7::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f013:d:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.181.18.61 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

smetrics.countryfinancial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.251.137 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ccservicesinc.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.135.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.157.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ccservicesinc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.11.244 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-11-244.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:180::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.89.207 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-207.zrh50.r.cloudfront.net

d2oh4tlt9mrke9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.208.240 (United States)

ASN13335 (CLOUDFLARENET, US)

zn6xcdveksdx5g9rn-countryfinancial.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f113:81:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e4:101::6cae:b55 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:22::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.100.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-100-124.zrh50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.162.154.79 (United States)

ASN14618 (AMAZON-AES, US)

ws.sessioncam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.90.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-90-219.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	countryfinancial.com www.countryfinancial.com smetrics.countryfinancial.com	610 KB
5	googletagmanager.com www.googletagmanager.com	173 KB
5	adobedtm.com assets.adobedtm.com	98 KB
3	sessioncam.com ws.sessioncam.com	1 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	1 KB
3	google.de www.google.de	235 B
3	google.com www.google.com	235 B
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
3	gstatic.com fonts.gstatic.com	47 KB
3	facebook.net connect.facebook.net	101 KB
3	demdex.net dpm.demdex.net Failed ccservicesinc.demdex.net	5 KB
2	adsrvr.org js.adsrvr.org insight.adsrvr.org	3 KB
2	facebook.com www.facebook.com	275 B
2	google-analytics.com www.google-analytics.com	19 KB
1	qualtrics.com zn6xcdveksdx5g9rn-countryfinancial.siteintercept.qualtrics.com	18 KB
1	cloudfront.net d2oh4tlt9mrke9.cloudfront.net	60 KB
1	licdn.com snap.licdn.com	2 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	googleadservices.com www.googleadservices.com	14 KB
1	omtrdc.net ccservicesinc.tt.omtrdc.net	516 B
1	googleapis.com fonts.googleapis.com	912 B
1	exct.net 1 redirects cl.s11.exct.net	235 B
69	22

	Domain	Requested by
22	www.countryfinancial.com	www.countryfinancial.com d2oh4tlt9mrke9.cloudfront.net
5	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
5	assets.adobedtm.com	www.countryfinancial.com assets.adobedtm.com
3	ws.sessioncam.com	d2oh4tlt9mrke9.cloudfront.net
3	www.google.de	www.countryfinancial.com
3	www.google.com	www.countryfinancial.com
3	fonts.gstatic.com	fonts.googleapis.com
3	connect.facebook.net	assets.adobedtm.com connect.facebook.net
2	px.ads.linkedin.com	1 redirects www.countryfinancial.com
2	www.facebook.com	www.countryfinancial.com connect.facebook.net
2	googleads.g.doubleclick.net	www.googleadservices.com
2	smetrics.countryfinancial.com	assets.adobedtm.com www.countryfinancial.com
2	dpm.demdex.net	www.countryfinancial.com assets.adobedtm.com
2	www.google-analytics.com	assets.adobedtm.com www.google-analytics.com
1	insight.adsrvr.org	js.adsrvr.org
1	js.adsrvr.org	www.countryfinancial.com
1	www.linkedin.com	1 redirects
1	zn6xcdveksdx5g9rn-countryfinancial.siteintercept.qualtrics.com	assets.adobedtm.com
1	d2oh4tlt9mrke9.cloudfront.net	assets.adobedtm.com
1	snap.licdn.com	assets.adobedtm.com
1	cm.everesttech.net	1 redirects
1	ccservicesinc.demdex.net	assets.adobedtm.com
1	www.googleadservices.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ccservicesinc.tt.omtrdc.net	assets.adobedtm.com
1	fonts.googleapis.com	www.countryfinancial.com
1	cl.s11.exct.net	1 redirects
69	27

This site contains links to these domains. Also see Links.

Domain
my.countryfinancial.com
b2b.countryfinancial.com
facebook.com
twitter.com
youtube.com
linkedin.com
instagram.com
brokercheck.finra.org
www.entrust.net

Subject Issuer	Validity	Valid
countryfinancial.com Entrust Certification Authority - L1F	`2021-03-12` - `2022-04-11`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
smetrics.countryfinancial.com Entrust Certification Authority - L1K	`2020-10-24` - `2021-10-24`	a year	crt.sh
*.tt.omtrdc.net DigiCert SHA2 Secure Server CA	`2020-11-02` - `2021-11-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.qualtrics.com DigiCert SHA2 Secure Server CA	`2020-10-26` - `2021-11-26`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
ws.sessioncam.com Amazon	`2021-03-18` - `2022-04-16`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.countryfinancial.com/en/about-us/who-we-are.html
Frame ID: 4997AA2639B29A76652143176EAC76A9
Requests: 67 HTTP requests in this frame

Frame: https://ccservicesinc.demdex.net/dest5.html?d_nsid=0
Frame ID: 55A6605F8EE5375629E413F793BBE7C8
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=usq8e9i&ref=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html&upid=ecfzo3k&upv=1.1.0
Frame ID: 0AD4787EBD13D3E74495AF366F209C69
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cl.s11.exct.net/?qs=d9ee6eb51e4cf2a404ca9bcc1712635a756d353d18fa439eb88870765a139d5ac3141ce5... HTTP 302
https://www.countryfinancial.com/en/about-us/who-we-are.html Page URL

Page Statistics

69
Requests

99 %
HTTPS

52 %
IPv6

22
Domains

27
Subdomains

25
IPs

5
Countries

1156 kB
Transfer

2458 kB
Size

17
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://my.countryfinancial.com/portal/dispatcher/my-account
Title: Log in

Search URL Search Domain Scan URL

URL: https://my.countryfinancial.com/portal/dispatcher/registration
Title: Log in or register

Search URL Search Domain Scan URL

URL: https://my.countryfinancial.com/portal/dispatcher/forgot-password
Title: Forgot Password

Search URL Search Domain Scan URL

URL: https://b2b.countryfinancial.com/home
Title: Business to business portal

Search URL Search Domain Scan URL

URL: https://facebook.com/countryfinancial

Search URL Search Domain Scan URL

URL: https://twitter.com/hellocountry

Search URL Search Domain Scan URL

URL: https://youtube.com/user/COUNTRYFinancial

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/8454

Search URL Search Domain Scan URL

URL: https://instagram.com/countryfinancial

Search URL Search Domain Scan URL

URL: https://brokercheck.finra.org/
Title: FINRA's BrokerCheck

Search URL Search Domain Scan URL

URL: https://www.entrust.net/customer/profile?domain=countryfinancial.com
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cl.s11.exct.net/?qs=d9ee6eb51e4cf2a404ca9bcc1712635a756d353d18fa439eb88870765a139d5ac3141ce51d78f6f30d402302488d994baeaa22e27125a350 HTTP 302
https://www.countryfinancial.com/en/about-us/who-we-are.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5D94123F5245B19E0A490D45%40AdobeOrg&d_nsid=0&ts=1619014635914 HTTP 0
http://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5D94123F5245B19E0A490D45%40AdobeOrg&d_nsid=0&ts=1619014635914

Request Chain 39

https://cm.everesttech.net/cm/dd?d_uuid=35906794541428227032939899547200872054 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YIAz7AAAAHTBLCXM

Request Chain 54

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1222129&time=1619014636467&url=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1222129%26time%3D1619014636467%26url%3Dhttps%253A%252F%252Fwww.countryfinancial.com%252Fen%252Fabout-us%252Fwho-we-are.html%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1222129&time=1619014636467&url=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html&liSync=true

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set who-we-are.html Show response
www.countryfinancial.com/en/about-us/
Redirect Chain

https://cl.s11.exct.net/?qs=d9ee6eb51e4cf2a404ca9bcc1712635a756d353d18fa439eb88870765a139d5ac3141ce51d78f6f30d402302488d994baeaa22e27125a350
https://www.countryfinancial.com/en/about-us/who-we-are.html

60 KB
10 KB

530ms
132ms

Document
text/html

208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

4bcba6725de272085a7e5daccbaa3e90612f8af82845ee7296f1593d52367da5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.countryfinancial.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:15 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Upgrade: h2
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 20 Apr 2021 18:58:56 GMT
ETag: "f1fb-5c06c09c107b2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10076
Keep-Alive: timeout=5, max=200
Content-Type: text/html; charset=UTF-8
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://www.countryfinancial.com/en/about-us/who-we-are.html
Date: Wed, 21 Apr 2021 14:17:14 GMT
Connection: close
Content-Length: 177

GET
H/1.1 200
OK Cookie set clientlib-base.min.css
www.countryfinancial.com/etc.clientlibs/cfin/clientlibs/ 106 KB
8 KB 132ms
130ms Stylesheet
text/css 208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.countryfinancial.com/etc.clientlibs/cfin/clientlibs/clientlib-base.min.css

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

55b4cc90a8f3845fc6b2efdf517de51e9019d6a3f1fe14aefff9be074aebf44d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.countryfinancial.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88
Connection: keep-alive
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Apr 2021 18:54:16 GMT
ETag: "1a72d-5c06bf90f5b62-gzip"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: text/css
Cache-Control: no-cache
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 7470
X-XSS-Protection: 1; mode=block

GET
H3-29 200 css2
fonts.googleapis.com/ 14 KB
912 B 25ms
21ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,600;1,300;1,400;1,600&display=swap

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a59f60fbd72a8f75b857fab6c7b347acb0ee615beaf798b6b8912fed504f9b46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 14:15:45 GMT
server: ESF
date: Wed, 21 Apr 2021 14:17:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Apr 2021 14:17:15 GMT

GET
H2 200 launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js Show response
assets.adobedtm.com/ 279 KB
82 KB 38ms
21ms Script
application/x-javascript 2a02:26f0:7100:1b7::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js
Requested by: Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b7::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5f778592cd3b3503d240305b96df05b48de3f0be4941f85d77baf75a514a0cb9

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:17:15 GMT
content-encoding: gzip
last-modified: Wed, 07 Apr 2021 14:57:12 GMT
server: AkamaiNetStorage
etag: "0c0d18b42c955261c28123f53c2879cd:1617807432.48005"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.countryfinancial.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 83719
expires: Wed, 21 Apr 2021 15:17:15 GMT

GET
H/1.1 200
OK Cookie set clientlib-dependencies.min.js Show response
www.countryfinancial.com/etc.clientlibs/cfin/clientlibs/ 0
566 B 374ms
127ms Script
application/javascript 208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.countryfinancial.com/etc.clientlibs/cfin/clientlibs/clientlib-dependencies.min.js

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.countryfinancial.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88
Connection: keep-alive
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Apr 2021 18:54:16 GMT
ETag: "0-5c06bf9155e73"
Connection: Upgrade, Keep-Alive
Upgrade: h2
Cache-Control: no-cache
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=200
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set clientlib-dependencies.min.css
www.countryfinancial.com/etc.clientlibs/cfin/clientlibs/ 0
530 B 264ms
125ms Stylesheet
text/css 208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.countryfinancial.com/etc.clientlibs/cfin/clientlibs/clientlib-dependencies.min.css

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.countryfinancial.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88
Connection: keep-alive
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Apr 2021 18:54:16 GMT
ETag: "0-5c06bf9133b93"
Connection: Keep-Alive
Content-Type: text/css
Cache-Control: no-cache
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=198
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set clientlib-site.min.css
www.countryfinancial.com/etc.clientlibs/cfin/clientlibs/ 129 KB
22 KB 379ms
133ms Stylesheet
text/css 208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.countryfinancial.com/etc.clientlibs/cfin/clientlibs/clientlib-site.min.css

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

c88f27aa1960c709d984fdd87c9de6f1cdefcc6488edd2d34c76c3708575040f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.countryfinancial.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88
Connection: keep-alive
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Apr 2021 18:54:16 GMT
ETag: "20419-5c06bf91575e3-gzip"
Vary: Accept-Encoding
Connection: Upgrade, Keep-Alive
Upgrade: h2
Cache-Control: no-cache
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=200
Content-Length: 21983
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set logo_basic.png
www.countryfinancial.com/content/dam/cfin/global/logos/ 44 KB
45 KB 241ms
126ms Image
image/png 208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.countryfinancial.com/content/dam/cfin/global/logos/logo_basic.png

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

85a1135ab564075a688ab56729ea6e9e2e6b278aad4f305608347049ac258266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.countryfinancial.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88
Connection: keep-alive
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:16 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Apr 2021 02:22:41 GMT
ETag: "b13b-5c021c55cfd08"
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: no-cache
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 45371
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set BrokerCheck_logo.png
www.countryfinancial.com/content/dam/cfin/global/ 8 KB
8 KB 257ms
125ms Image
image/png 208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.countryfinancial.com/content/dam/cfin/global/BrokerCheck_logo.png

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

7832721fb2b8862097d84c4a2883814d9cd1ec84e71b0d3ef82753d4c7241298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.countryfinancial.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88
Connection: keep-alive
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:16 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Apr 2021 02:22:41 GMT
ETag: "1f86-5c021c55ae9c8"
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: no-cache
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=196
Content-Length: 8070
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set entrust-logo-mobile.png
www.countryfinancial.com/content/dam/cfin/global/logos/ 19 KB
19 KB 270ms
126ms Image
image/png 208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.countryfinancial.com/content/dam/cfin/global/logos/entrust-logo-mobile.png

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

49d2ad97a15c9fabdb9fc665eee644b5f0ae6fa7613bc8a8b8cf9a5153abd094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.countryfinancial.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; AMCV_5D94123F5245B19E0A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18739%7CvVersion%7C5.2.0; mbox=session#2b883bded7a9449480ce02f976cfe830#1619016496; at_check=true
Connection: keep-alive
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:16 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Apr 2021 02:22:41 GMT
ETag: "4a85-5c021c55c8fa8"
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: no-cache
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=195
Content-Length: 19077
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set repOffice_Icon.svg
www.countryfinancial.com/content/dam/cfin/global/ 1 KB
2 KB 354ms
127ms Image
image/svg+xml 208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.countryfinancial.com/content/dam/cfin/global/repOffice_Icon.svg

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

070cfa3608def237f5223abb1aa848179a8f82482681cdf66c2d519801787a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.countryfinancial.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; AMCV_5D94123F5245B19E0A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18739%7CvVersion%7C5.2.0; mbox=session#2b883bded7a9449480ce02f976cfe830#1619016496; at_check=true
Connection: keep-alive
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:16 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Apr 2021 02:22:41 GMT
ETag: "4c6-5c021c55e8b78"
Connection: Keep-Alive
Content-Type: image/svg+xml
Cache-Control: no-cache
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=198
Content-Length: 1222
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set clientlib-site.min.js Show response
www.countryfinancial.com/etc.clientlibs/cfin/clientlibs/ 139 KB
139 KB 133ms
127ms Script
application/javascript 208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.countryfinancial.com/etc.clientlibs/cfin/clientlibs/clientlib-site.min.js

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

a8c0cb8de53fab7b4947431b264c78723dd481da5a84f69290fae70a8eaab68f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.countryfinancial.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88
Connection: keep-alive
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Apr 2021 18:54:16 GMT
ETag: "22a74-5c06bf91619f3"
Connection: Keep-Alive
Content-Type: application/javascript
Cache-Control: no-cache
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 141940
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set container.min.js Show response
www.countryfinancial.com/etc.clientlibs/core/wcm/components/commons/site/clientlibs/ 752 B
1 KB 128ms
125ms Script
application/javascript 208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.countryfinancial.com/etc.clientlibs/core/wcm/components/commons/site/clientlibs/container.min.js

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

c69737729bfeffad46e66417ed01bff74a95b62b5265abafe011777f5d87f09f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.countryfinancial.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88
Connection: keep-alive
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Apr 2021 18:54:16 GMT
ETag: "2f0-5c06bf9193abb"
Connection: Keep-Alive
Content-Type: application/javascript
Cache-Control: no-cache
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=197
Content-Length: 752
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set clientlib-base.min.js Show response
www.countryfinancial.com/etc.clientlibs/cfin/clientlibs/ 106 KB
106 KB 132ms
129ms Script
application/javascript 208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.countryfinancial.com/etc.clientlibs/cfin/clientlibs/clientlib-base.min.js

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

db281d4dfe0de9101e712229108033bc983d810ddba073e6dd642bdaa639b940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.countryfinancial.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88
Connection: keep-alive
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Apr 2021 18:54:16 GMT
ETag: "1a617-5c06bf91afbf3"
Connection: Upgrade, Keep-Alive
Upgrade: h2
Cache-Control: no-cache
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=200
Content-Length: 108055
X-XSS-Protection: 1; mode=block

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5041
date: Wed, 21 Apr 2021 12:53:14 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 21 Apr 2021 14:53:14 GMT

GET

rd
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5D94123F5245B19E0A490D45%40AdobeOrg&d_nsid=0&ts=1619014635914
http://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5D94123F5245B19E0A490D45%40AdobeOrg&d_nsid=0&ts=1619014635914

0
0

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 20ms
20ms Script
application/x-javascript 2a02:26f0:7100:1b7::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b7::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:17:15 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.countryfinancial.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Wed, 21 Apr 2021 15:17:15 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 25ms
25ms Script
application/x-javascript 2a02:26f0:7100:1b7::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b7::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:17:15 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.countryfinancial.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Wed, 21 Apr 2021 15:17:15 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 32ms
32ms Script
application/x-javascript 2a03:2880:f013:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23963
x-fb-rlafr: 0
pragma: public
x-fb-debug: 8cpanplKYynVbRK4KLKPRQ9iHtUGyGfZ71EU2N09Pp8u+v53TDpoNU+TNQyCPi5374kFpNL1Cbu+oltmaNd7kw==
x-fb-trip-id: 1679558926
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 21 Apr 2021 14:17:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
37 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-54439328-1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

00039484375eededb3ba7f44e6f8643efcc71096d52a9c555071c999ab5e2777

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:17:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37490
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Apr 2021 14:17:15 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,600;1,300;1,400;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.countryfinancial.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
age: 274417
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H/1.1 200
OK Cookie set line_small-01.svg
www.countryfinancial.com/content/dam/cfin/global/ 1 KB
2 KB 150ms
128ms Image
image/svg+xml 208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.countryfinancial.com/content/dam/cfin/global/line_small-01.svg

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/etc.clientlibs/cfin/clientlibs/clientlib-site.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

1e091402a573f321a73afb0cb35939b6e7403b85820de276581c8ff90809c469

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.countryfinancial.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.countryfinancial.com/etc.clientlibs/cfin/clientlibs/clientlib-site.min.css
Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; AMCV_5D94123F5245B19E0A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18739%7CvVersion%7C5.2.0; mbox=session#2b883bded7a9449480ce02f976cfe830#1619016496; at_check=true
Connection: keep-alive
Referer: https://www.countryfinancial.com/etc.clientlibs/cfin/clientlibs/clientlib-site.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:16 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Apr 2021 02:22:41 GMT
ETag: "559-5c021c55e0a90"
Connection: Upgrade, Keep-Alive
Upgrade: h2
Cache-Control: no-cache
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly
Accept-Ranges: bytes
Content-Type: image/svg+xml
Keep-Alive: timeout=5, max=200
Content-Length: 1369
X-XSS-Protection: 1; mode=block

GET
H3-29 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,600;1,300;1,400;1,600&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3d7092e6eb6f3aa0c572e52e061a59cc88a3e9eff581c95c4bd7456800904d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.countryfinancial.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:56 GMT
server: sffe
age: 274418
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16064
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H/1.1 200
OK Cookie set cf-icons-styleguide.woff2
www.countryfinancial.com/content/dam/cfin/fonts/ 65 KB
66 KB 206ms
136ms Font
application/octet-stream 208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.countryfinancial.com/content/dam/cfin/fonts/cf-icons-styleguide.woff2?lbbu21

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/etc.clientlibs/cfin/clientlibs/clientlib-site.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

f20720b00af7a5dc968cb4af0ab0267f97ab4db84541de035d30c1cab71e1f1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.countryfinancial.com
Accept-Encoding: gzip, deflate, br
Host: www.countryfinancial.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.countryfinancial.com/etc.clientlibs/cfin/clientlibs/clientlib-site.min.css
Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; AMCV_5D94123F5245B19E0A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18739%7CvVersion%7C5.2.0; mbox=session#2b883bded7a9449480ce02f976cfe830#1619016496; at_check=true
Connection: keep-alive
Origin: https://www.countryfinancial.com
Referer: https://www.countryfinancial.com/etc.clientlibs/cfin/clientlibs/clientlib-site.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:16 GMT
X-Content-Type-Options: nosniff nosniff
Last-Modified: Sat, 06 Mar 2021 04:09:32 GMT
X-Frame-Options: SAMEORIGIN
Connection: Upgrade, Keep-Alive
Upgrade: h2
Cache-Control: no-cache
Content-Disposition: attachment; filename="cf-icons-styleguide.woff2"
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly
Content-Type: application/octet-stream
Keep-Alive: timeout=5, max=200
Content-Length: 66528
X-XSS-Protection: 1; mode=block

GET
H3-29 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,600;1,300;1,400;1,600&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.countryfinancial.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:32 GMT
server: sffe
age: 274418
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15948
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H2 200 id Show response
smetrics.countryfinancial.com/ 48 B
521 B 106ms
21ms XHR
application/x-javascript 35.181.18.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.countryfinancial.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=5D94123F5245B19E0A490D45%40AdobeOrg&mid=42224272020443715542558374255398585659&ts=1619014636067

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

ff61cc682335c684cc99d380b7fac1d84fb59d5543a403c129f0d1b6419bc83e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 21 Apr 2021 14:17:16 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-5db677d464-cbzb9
vary: Origin
x-c: main-1455.Icbb9a9.M0-487
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.countryfinancial.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

POST
H2 200 delivery Show response
ccservicesinc.tt.omtrdc.net/rest/v1/ 286 B
516 B 107ms
37ms XHR
application/json 52.51.251.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ccservicesinc.tt.omtrdc.net/rest/v1/delivery?client=ccservicesinc&sessionId=2b883bded7a9449480ce02f976cfe830&version=2.4.0
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.251.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 09670d52dce56bb848da1926fa300457a8be0cd08797795495514edd08a5c3be

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.countryfinancial.com
date: Wed, 21 Apr 2021 14:17:16 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: 591268cd5423fdae6c3723c1cf75b05a
content-type: application/json;charset=UTF-8

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
13ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1922682925&t=pageview&_s=1&dl=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html&ul=en-us&de=UTF-8&dt=Who%20We%20Are%20-%20COUNTRY%20Financial&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUABBAAAAC~&jid=1295982766&gjid=398528039&cid=1268229134.1619014636&tid=UA-54439328-1&_gid=802112561.1619014636&_r=1&gtm=2ou472&z=2040593753

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 14:17:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.countryfinancial.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 40ms
36ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1019681805&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54439328-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79be78baff23d50daf61be9572106c11ccf4136f91d158ea62768d9e3c60c229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:17:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34102
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Apr 2021 14:17:16 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 35ms
30ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8490296&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54439328-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d50383dcf80a173e67b097074c5a949e9e33c8b006eb6fe1eecb406ae4228b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:17:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35890
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Apr 2021 14:17:16 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 39ms
34ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-3778520&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54439328-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c51e26fd7749e73f0b93a5b24c72b1bf652a0f5eeda782a6eea2fe037c4ad76d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:17:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35894
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Apr 2021 14:17:16 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 46ms
42ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-806111816&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54439328-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

103fb403061f14b7bb48f52ddd0882ad99c5f3e2e62d7fd4f880964885ebad74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:17:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34042
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Apr 2021 14:17:16 GMT

GET
H3-29 200 identity.js Show response
connect.facebook.net/signals/plugins/ 11 KB
5 KB 33ms
32ms Script
application/x-javascript 2a03:2880:f013:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.39

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-fb-rlafr: 0
pragma: public
x-fb-debug: OvCiiB8SUTxb+5lrQ+XYtn3yGwYm85J7TJfBbdA26g8QTIDyMVMgTAXNTuQE6MQwSALiqqzY4U1DuxChy2J1Aw==
x-frame-options: DENY
date: Wed, 21 Apr 2021 14:17:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 715377345781132 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 274ms
274ms Script
application/x-javascript 2a03:2880:f013:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/715377345781132?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c8f81685823443c11aa931e22c8e0fb2c04e716ac720b2c2a687d08a71b10cbe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: 4tqKuFzmiGOP2NkF4blQ6MZNo2nejGW4y0uIEnxAPG41mECUySYkCYGjrG92smKEIuAgQo9CRAAP4xN7i6gKQg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Wed, 21 Apr 2021 14:17:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
94 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-54439328-1&cid=1268229134.1619014636&jid=1295982766&gjid=398528039&_gid=802112561.1619014636&_u=aGDACUAABAAAAC~&z=1574266382

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 21 Apr 2021 14:17:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.countryfinancial.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-54439328-1&cid=1268229134.1619014636&jid=1295982766&_u=aGDACUAABAAAAC~&z=1181979160

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 14:17:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-54439328-1&cid=1268229134.1619014636&jid=1295982766&_u=aGDACUAABAAAAC~&z=1181979160

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 14:17:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 367 B
1 KB 35ms
34ms XHR
application/json 52.30.135.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5D94123F5245B19E0A490D45%40AdobeOrg&d_nsid=0&d_mid=42224272020443715542558374255398585659&ts=1619014636178

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.135.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1741f0b92c1b9374b6ffedddc30d62d2bd2c9144ba08d081fb39f4d3289f9a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v004-0f3af8d6a.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: mjwScYwJRTQ=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.countryfinancial.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 307
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 35 KB
14 KB 19ms
18ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1019681805&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

1a8bc2ff14c32714cbf0dae8a0d4913eda0305acbe7019242cac29ba1e25dfa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:17:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13836
x-xss-protection: 0
server: cafe
etag: 11500755331297449547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 21 Apr 2021 14:17:16 GMT

GET
H/1.1 200
OK dest5.html Show response
ccservicesinc.demdex.net/ Frame 55A6 7 KB
3 KB 137ms
33ms Document
text/html 18.200.157.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ccservicesinc.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.157.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: ccservicesinc.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.countryfinancial.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=21469436942187418353529094252004796520
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.countryfinancial.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 21 Apr 2021 14:17:16 GMT
DCS: dcs-prod-irl1-1-v004-00738f608.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 21 Apr 2021 11:56:42 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: 43srxmKVQQM=
Content-Length: 2791
Connection: keep-alive

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YIAz7AAAAHTBLCXM
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=35906794541428227032939899547200872054
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YIAz7AAAAHTBLCXM

42 B
975 B

70ms
70ms

Image
image/gif

52.30.135.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YIAz7AAAAHTBLCXM

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.135.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v004-00eade672.edge-irl1.demdex.com 6.2.1.20210416163652-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 2Pcl8BmjTDA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YIAz7AAAAHTBLCXM
Date: Wed, 21 Apr 2021 14:17:16 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/806111816/ 2 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/806111816/?random=1619014636241&cv=9&fst=1619014636241&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html&tiba=Who%20We%20Are%20-%20COUNTRY%20Financial&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab4445358686b70ac970e737c38db1e67ec82f1fadbc579d9cef99032e6f5aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 14:17:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1068
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1019681805/ 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1019681805/?random=1619014636245&cv=9&fst=1619014636245&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html&tiba=Who%20We%20Are%20-%20COUNTRY%20Financial&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5972e50b4cdfda02708d4c32381299c433d2a1a57c9aa791ae645a0da37a90a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 14:17:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1066
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/806111816/ 42 B
64 B 32ms
31ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/806111816/?random=1619014636241&cv=9&fst=1619013600000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html&tiba=Who%20We%20Are%20-%20COUNTRY%20Financial&async=1&fmt=3&is_vtc=1&random=404848011&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 14:17:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/806111816/ 42 B
64 B 29ms
27ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/806111816/?random=1619014636241&cv=9&fst=1619013600000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html&tiba=Who%20We%20Are%20-%20COUNTRY%20Financial&async=1&fmt=3&is_vtc=1&random=404848011&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 14:17:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/1019681805/ 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1019681805/?random=1619014636245&cv=9&fst=1619013600000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html&tiba=Who%20We%20Are%20-%20COUNTRY%20Financial&async=1&fmt=3&is_vtc=1&random=31536120&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 14:17:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/1019681805/ 42 B
64 B 41ms
40ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1019681805/?random=1619014636245&cv=9&fst=1619013600000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html&tiba=Who%20We%20Are%20-%20COUNTRY%20Financial&async=1&fmt=3&is_vtc=1&random=31536120&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 14:17:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RCc6c6531b0e6b4d65b54c71d9f12007ea-source.min.js Show response
assets.adobedtm.com/ae9000604010/2465817f873c/b9853e734c29/ 449 B
568 B 115ms
115ms Script
application/x-javascript 2a02:26f0:7100:1b7::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ae9000604010/2465817f873c/b9853e734c29/RCc6c6531b0e6b4d65b54c71d9f12007ea-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b7::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 236e54ad907b0ba33003618ea520b2e2d123695784ba9e0795e13c59b0b7f76b

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:17:16 GMT
content-encoding: gzip
last-modified: Wed, 07 Apr 2021 14:57:13 GMT
server: AkamaiNetStorage
etag: "3bff9f2c39f1a179a82122a5f7f9acfc:1617807433.409417"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.countryfinancial.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 297
expires: Wed, 21 Apr 2021 15:17:16 GMT

GET
H2 200 RC7efe34ee0b144042abc4bf055b360279-source.min.js Show response
assets.adobedtm.com/ae9000604010/2465817f873c/b9853e734c29/ 1009 B
784 B 118ms
118ms Script
application/x-javascript 2a02:26f0:7100:1b7::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ae9000604010/2465817f873c/b9853e734c29/RC7efe34ee0b144042abc4bf055b360279-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b7::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2a14a7252460b36b7a8916763abc10ba88e5ea5ec4b00c61c03617eb9d86b810

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:17:16 GMT
content-encoding: gzip
last-modified: Wed, 07 Apr 2021 14:57:13 GMT
server: AkamaiNetStorage
etag: "3bff9f2c39f1a179a82122a5f7f9acfc:1617807433.409417"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.countryfinancial.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 513
expires: Wed, 21 Apr 2021 15:17:16 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 12ms
12ms Script
application/x-javascript 2a02:26f0:7100:180::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:180::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=43133
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H/1.1 200
OK sessioncam.recorder.js Show response
d2oh4tlt9mrke9.cloudfront.net/Record/js/ 267 KB
60 KB 109ms
32ms Script
text/javascript 13.224.89.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.207 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-207.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f5898f1fbf9628861c7fff057c5259d817cfcef03197227af00a3af3e1533003

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: vyuPEVPUb1_8WySscPOffAUQ.7hPzxgf
Content-Encoding: gzip
ETag: "c5f58052b1e89a13481df5c54789cd47"
Age: 3560
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 60969
Last-Modified: Wed, 21 Apr 2021 09:16:39 GMT
Server: AmazonS3
Date: Wed, 21 Apr 2021 13:17:57 GMT
Content-Type: text/javascript
Via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
Cache-Control: max-age=14400
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: zB4-ulyfxfye8haMwMoHtPq3deVM01GNaRg00WcH3fhM0pNUv2j64g==

GET
H2 200 / Show response
zn6xcdveksdx5g9rn-countryfinancial.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 60 KB
18 KB 117ms
53ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn6xcdveksdx5g9rn-countryfinancial.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_6XcdVEKSdx5g9rn

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9eb46afef16960c90d1c6e212670fe9cc1876b50a558a34a507c5bd3d3289d23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:17:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 344811
cf-polished: origSize=62663
edge-control: max-age=604800
x-envoy-upstream-service-time: 11
vary: Accept-Encoding
cf-request-id: 099663ebed0000ee717e0df000000001
cf-bgj: minify
server: cloudflare
x-powered-by: Express
etag: W/"f4c7-zhsZdFVO3GeweqWSgg+MkP4Qmv8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
cf-ray: 64373c264f7cee71-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 /
www.facebook.com/tr/ 44 B
260 B 32ms
32ms Image
image/gif 2a03:2880:f113:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=715377345781132&ev=PageView&dl=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html&rl=&if=false&ts=1619014636447&sw=1600&sh=1200&v=2.9.39&r=stable&a=adobe_launch&ec=0&o=30&fbp=fb.1.1619014636445.1619539345&it=1619014636128&coo=false&rqm=GET

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:17:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 21 Apr 2021 14:17:16 GMT

GET
H/1.1 200
OK Cookie set aboutus-whoweare-teaser.jpeg
www.countryfinancial.com/en/about-us/who-we-are/_jcr_content/root/responsivegrid/responsivegrid/container_1993493550/image.coreimg.70.825.jpeg/1614800957807/ 43 KB
43 KB 131ms
130ms Image
image/jpeg 208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.countryfinancial.com/en/about-us/who-we-are/_jcr_content/root/responsivegrid/responsivegrid/container_1993493550/image.coreimg.70.825.jpeg/1614800957807/aboutus-whoweare-teaser.jpeg

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

85bbc888dfb0550dc9fabc8a884f0620febad50124c986a1745eb77052b66c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.countryfinancial.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; at_check=true; _ga=GA1.2.1268229134.1619014636; _gid=GA1.2.802112561.1619014636; _gat_gtag_UA_54439328_1=1; s_ecid=MCMID%7C42224272020443715542558374255398585659; AMCVS_5D94123F5245B19E0A490D45%40AdobeOrg=1; _gcl_au=1.1.1861547816.1619014636; mbox=session#2b883bded7a9449480ce02f976cfe830#1619016496|PC#2b883bded7a9449480ce02f976cfe830.37_0#1682259437; AMCV_5D94123F5245B19E0A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18739%7CMCMID%7C42224272020443715542558374255398585659%7CMCAID%7CNONE%7CMCOPTOUT-1619021836s%7CNONE%7CMCAAMLH-1619619436%7C6%7CMCAAMB-1619619436%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-18746%7CvVersion%7C5.2.0; NewRepeat=true; VisitNum=1; DateLastVisit=1619014636439.595; s_ppv=cfc:about-us:who-we-are; _fbp=fb.1.1619014636445.1619539345
Connection: keep-alive
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:16 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Apr 2021 15:19:33 GMT
ETag: "ab34-5c02c9fafbf1c"
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: no-cache
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=198
Content-Length: 43828
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set cf-aboutus-whoweare-jimjacobs.jpeg
www.countryfinancial.com/en/about-us/who-we-are/_jcr_content/root/responsivegrid/responsivegrid/image.coreimg.70.276.jpeg/1615315734716/ 9 KB
9 KB 132ms
131ms Image
image/jpeg 208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.countryfinancial.com/en/about-us/who-we-are/_jcr_content/root/responsivegrid/responsivegrid/image.coreimg.70.276.jpeg/1615315734716/cf-aboutus-whoweare-jimjacobs.jpeg

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

791497f979acbf9eb18745b34f8d97976d4a1182dd5fa21f9d38fa2afd1b70b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.countryfinancial.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; at_check=true; _ga=GA1.2.1268229134.1619014636; _gid=GA1.2.802112561.1619014636; _gat_gtag_UA_54439328_1=1; s_ecid=MCMID%7C42224272020443715542558374255398585659; AMCVS_5D94123F5245B19E0A490D45%40AdobeOrg=1; _gcl_au=1.1.1861547816.1619014636; mbox=session#2b883bded7a9449480ce02f976cfe830#1619016496|PC#2b883bded7a9449480ce02f976cfe830.37_0#1682259437; AMCV_5D94123F5245B19E0A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18739%7CMCMID%7C42224272020443715542558374255398585659%7CMCAID%7CNONE%7CMCOPTOUT-1619021836s%7CNONE%7CMCAAMLH-1619619436%7C6%7CMCAAMB-1619619436%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-18746%7CvVersion%7C5.2.0; NewRepeat=true; VisitNum=1; DateLastVisit=1619014636439.595; s_ppv=cfc:about-us:who-we-are; _fbp=fb.1.1619014636445.1619539345
Connection: keep-alive
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:16 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Apr 2021 15:19:47 GMT
ETag: "238d-5c02ca080653a"
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: no-cache
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=197
Content-Length: 9101
X-XSS-Protection: 1; mode=block

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1222129&time=1619014636467&url=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1222129%26time%3D1619014636467%26url%3Dhttps%253A%252F%252Fwww.countryfinancial.c...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1222129&time=1619014636467&url=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html&liSync=true

0
39 B

159ms
158ms

Image
application/javascript

2620:119:50e4:101::6cae:b55
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1222129&time=1619014636467&url=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html&liSync=true
Requested by: Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e4:101::6cae:b55 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:17:16 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: Nm2p/jvldxZQFwRuhisAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: mBK48jvldxbQ9zLdqSsAAA==
pragma: no-cache
x-li-pop: afd-prod-ltx1
x-msedge-ref: Ref A: 53C724B06BC2448A8CE9F3897EB7C2C9 Ref B: VIEEDGE1206 Ref C: 2021-04-21T14:17:16Z
x-frame-options: sameorigin
date: Wed, 21 Apr 2021 14:17:16 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=31536000
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1222129&time=1619014636467&url=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 s89156336992502
smetrics.countryfinancial.com/b/ss/ccsccscountryfinancialprodaem/1/JS-2.22.0-LBQ1/ 43 B
334 B 25ms
25ms Image
image/gif 35.181.18.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.countryfinancial.com/b/ss/ccsccscountryfinancialprodaem/1/JS-2.22.0-LBQ1/s89156336992502?AQB=1&ndh=1&pf=1&t=21%2F3%2F2021%2016%3A17%3A16%203%20-120&sdid=013AD295E574AE0F-115ED916556034C8&mid=42224272020443715542558374255398585659&aamlh=6&ce=UTF-8&pageName=cfc%3Aabout-us%3Awho-we-are&g=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html&cc=USD&ch=about-us&events=event10&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=D%3Dv1&v1=9&h1=cfc%3Aabout-us%3Awho-we-are&c2=D%3Dv2&v2=wednesday&c3=D%3Dv3&v3=weekday&c4=D%3Dv4&v4=new&c5=D%3Dv5&v5=1&c6=D%3Dv6&v6=O%20Days&v10=cfc%3Aabout-us%3Awho-we-are&c14=D%3Dv14&v14=false&v20=42224272020443715542558374255398585659&c21=D%3Dv31&c26=D%3Dv26&v26=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html&c29=D%3Dv10&v33=1268229134.1619014636&v36=false&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5D94123F5245B19E0A490D45%40AdobeOrg&AQE=1

Requested by

Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:17:16 GMT
x-content-type-options: nosniff
x-c: main-1455.Icbb9a9.M0-487
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 22 Apr 2021 14:17:16 GMT
server: jag
xserver: anedge-5db677d464-44j9n
etag: 3476807456931119104-4621992398790315314
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 20 Apr 2021 14:17:16 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 96ms
29ms Script
application/x-javascript 13.224.100.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.countryfinancial.com
URL: https://www.countryfinancial.com/en/about-us/who-we-are.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.100.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-100-124.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 08:06:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 22269
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: TRvliL4oBK-YYxzXRAWNj_aqmhunuea-AHjT_1z98jwek5HK-IL7eg==

GET
H/1.1 200
OK config.aspx Show response
ws.sessioncam.com/Record/ 475 B
873 B 435ms
117ms XHR
text/javascript 54.162.154.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sessioncam.com/Record/config.aspx?url=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html&jsver=589&originalUrl=https://www.countryfinancial.com&sse=1619014636601&inTg=a&acr=0
Requested by: Host: d2oh4tlt9mrke9.cloudfront.net
URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.154.79 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 713b56227b7ef8fda69bc879039976821756aae421b776d206c6ce36143f5ce7

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 14:17:16 GMT
Server: Kestrel
Content-Type: text/javascript
Access-Control-Allow-Origin: https://www.countryfinancial.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 475
Expires: -1

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 32ms
32ms Ping
text/plain 2a03:2880:f113:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarymdnBAYgq2Xa1btHA

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 21 Apr 2021 14:17:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.countryfinancial.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 0AD4 0
182 B 99ms
32ms Document
text/html 52.210.90.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=usq8e9i&ref=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html&upid=ecfzo3k&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.90.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-90-219.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=usq8e9i&ref=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html&upid=ecfzo3k&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.countryfinancial.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.countryfinancial.com/

Response headers

date: Wed, 21 Apr 2021 14:17:17 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK Cookie set logo_basic.png
www.countryfinancial.com/content/dam/cfin/global/logos/ 44 KB
45 KB 127ms
126ms Image
image/png 208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.countryfinancial.com/content/dam/cfin/global/logos/logo_basic.png

Requested by

Host: d2oh4tlt9mrke9.cloudfront.net
URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

85a1135ab564075a688ab56729ea6e9e2e6b278aad4f305608347049ac258266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.countryfinancial.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; at_check=true; _ga=GA1.2.1268229134.1619014636; _gid=GA1.2.802112561.1619014636; _gat_gtag_UA_54439328_1=1; s_ecid=MCMID%7C42224272020443715542558374255398585659; AMCVS_5D94123F5245B19E0A490D45%40AdobeOrg=1; _gcl_au=1.1.1861547816.1619014636; mbox=session#2b883bded7a9449480ce02f976cfe830#1619016496|PC#2b883bded7a9449480ce02f976cfe830.37_0#1682259437; AMCV_5D94123F5245B19E0A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18739%7CMCMID%7C42224272020443715542558374255398585659%7CMCAID%7CNONE%7CMCOPTOUT-1619021836s%7CNONE%7CMCAAMLH-1619619436%7C6%7CMCAAMB-1619619436%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-18746%7CvVersion%7C5.2.0; NewRepeat=true; VisitNum=1; DateLastVisit=1619014636439.595; s_ppv=cfc:about-us:who-we-are; _fbp=fb.1.1619014636445.1619539345; s_cc=true; sc.ASP.NET_SESSIONID=blrqkzgwzrty0mflugplo0is
Connection: keep-alive
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Apr 2021 02:22:41 GMT
ETag: "b13b-5c021c55cfd08"
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: no-cache
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=197
Content-Length: 45371
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set aboutus-whoweare-teaser.jpeg
www.countryfinancial.com/en/about-us/who-we-are/_jcr_content/root/responsivegrid/responsivegrid/container_1993493550/image.coreimg.70.825.jpeg/1614800957807/ 43 KB
43 KB 128ms
128ms Image
image/jpeg 208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.countryfinancial.com/en/about-us/who-we-are/_jcr_content/root/responsivegrid/responsivegrid/container_1993493550/image.coreimg.70.825.jpeg/1614800957807/aboutus-whoweare-teaser.jpeg

Requested by

Host: d2oh4tlt9mrke9.cloudfront.net
URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

85bbc888dfb0550dc9fabc8a884f0620febad50124c986a1745eb77052b66c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.countryfinancial.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; at_check=true; _ga=GA1.2.1268229134.1619014636; _gid=GA1.2.802112561.1619014636; _gat_gtag_UA_54439328_1=1; s_ecid=MCMID%7C42224272020443715542558374255398585659; AMCVS_5D94123F5245B19E0A490D45%40AdobeOrg=1; _gcl_au=1.1.1861547816.1619014636; mbox=session#2b883bded7a9449480ce02f976cfe830#1619016496|PC#2b883bded7a9449480ce02f976cfe830.37_0#1682259437; AMCV_5D94123F5245B19E0A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18739%7CMCMID%7C42224272020443715542558374255398585659%7CMCAID%7CNONE%7CMCOPTOUT-1619021836s%7CNONE%7CMCAAMLH-1619619436%7C6%7CMCAAMB-1619619436%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-18746%7CvVersion%7C5.2.0; NewRepeat=true; VisitNum=1; DateLastVisit=1619014636439.595; s_ppv=cfc:about-us:who-we-are; _fbp=fb.1.1619014636445.1619539345; s_cc=true; sc.ASP.NET_SESSIONID=blrqkzgwzrty0mflugplo0is
Connection: keep-alive
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Apr 2021 15:19:33 GMT
ETag: "ab34-5c02c9fafbf1c"
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: no-cache
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=196
Content-Length: 43828
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set cf-aboutus-whoweare-jimjacobs.jpeg
www.countryfinancial.com/en/about-us/who-we-are/_jcr_content/root/responsivegrid/responsivegrid/image.coreimg.70.276.jpeg/1615315734716/ 9 KB
9 KB 130ms
125ms Image
image/jpeg 208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.countryfinancial.com/en/about-us/who-we-are/_jcr_content/root/responsivegrid/responsivegrid/image.coreimg.70.276.jpeg/1615315734716/cf-aboutus-whoweare-jimjacobs.jpeg

Requested by

Host: d2oh4tlt9mrke9.cloudfront.net
URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

791497f979acbf9eb18745b34f8d97976d4a1182dd5fa21f9d38fa2afd1b70b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.countryfinancial.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; at_check=true; _ga=GA1.2.1268229134.1619014636; _gid=GA1.2.802112561.1619014636; _gat_gtag_UA_54439328_1=1; s_ecid=MCMID%7C42224272020443715542558374255398585659; AMCVS_5D94123F5245B19E0A490D45%40AdobeOrg=1; _gcl_au=1.1.1861547816.1619014636; mbox=session#2b883bded7a9449480ce02f976cfe830#1619016496|PC#2b883bded7a9449480ce02f976cfe830.37_0#1682259437; AMCV_5D94123F5245B19E0A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18739%7CMCMID%7C42224272020443715542558374255398585659%7CMCAID%7CNONE%7CMCOPTOUT-1619021836s%7CNONE%7CMCAAMLH-1619619436%7C6%7CMCAAMB-1619619436%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-18746%7CvVersion%7C5.2.0; NewRepeat=true; VisitNum=1; DateLastVisit=1619014636439.595; s_ppv=cfc:about-us:who-we-are; _fbp=fb.1.1619014636445.1619539345; s_cc=true; sc.ASP.NET_SESSIONID=blrqkzgwzrty0mflugplo0is
Connection: keep-alive
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Apr 2021 15:19:47 GMT
ETag: "238d-5c02ca080653a"
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: no-cache
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 9101
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set BrokerCheck_logo.png
www.countryfinancial.com/content/dam/cfin/global/ 8 KB
8 KB 130ms
128ms Image
image/png 208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.countryfinancial.com/content/dam/cfin/global/BrokerCheck_logo.png

Requested by

Host: d2oh4tlt9mrke9.cloudfront.net
URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

7832721fb2b8862097d84c4a2883814d9cd1ec84e71b0d3ef82753d4c7241298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.countryfinancial.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; at_check=true; _ga=GA1.2.1268229134.1619014636; _gid=GA1.2.802112561.1619014636; _gat_gtag_UA_54439328_1=1; s_ecid=MCMID%7C42224272020443715542558374255398585659; AMCVS_5D94123F5245B19E0A490D45%40AdobeOrg=1; _gcl_au=1.1.1861547816.1619014636; mbox=session#2b883bded7a9449480ce02f976cfe830#1619016496|PC#2b883bded7a9449480ce02f976cfe830.37_0#1682259437; AMCV_5D94123F5245B19E0A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18739%7CMCMID%7C42224272020443715542558374255398585659%7CMCAID%7CNONE%7CMCOPTOUT-1619021836s%7CNONE%7CMCAAMLH-1619619436%7C6%7CMCAAMB-1619619436%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-18746%7CvVersion%7C5.2.0; NewRepeat=true; VisitNum=1; DateLastVisit=1619014636439.595; s_ppv=cfc:about-us:who-we-are; _fbp=fb.1.1619014636445.1619539345; s_cc=true; sc.ASP.NET_SESSIONID=blrqkzgwzrty0mflugplo0is
Connection: keep-alive
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Apr 2021 02:22:41 GMT
ETag: "1f86-5c021c55ae9c8"
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: no-cache
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 8070
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set entrust-logo-mobile.png
www.countryfinancial.com/content/dam/cfin/global/logos/ 19 KB
19 KB 130ms
128ms Image
image/png 208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.countryfinancial.com/content/dam/cfin/global/logos/entrust-logo-mobile.png

Requested by

Host: d2oh4tlt9mrke9.cloudfront.net
URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

49d2ad97a15c9fabdb9fc665eee644b5f0ae6fa7613bc8a8b8cf9a5153abd094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.countryfinancial.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; at_check=true; _ga=GA1.2.1268229134.1619014636; _gid=GA1.2.802112561.1619014636; _gat_gtag_UA_54439328_1=1; s_ecid=MCMID%7C42224272020443715542558374255398585659; AMCVS_5D94123F5245B19E0A490D45%40AdobeOrg=1; _gcl_au=1.1.1861547816.1619014636; mbox=session#2b883bded7a9449480ce02f976cfe830#1619016496|PC#2b883bded7a9449480ce02f976cfe830.37_0#1682259437; AMCV_5D94123F5245B19E0A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18739%7CMCMID%7C42224272020443715542558374255398585659%7CMCAID%7CNONE%7CMCOPTOUT-1619021836s%7CNONE%7CMCAAMLH-1619619436%7C6%7CMCAAMB-1619619436%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-18746%7CvVersion%7C5.2.0; NewRepeat=true; VisitNum=1; DateLastVisit=1619014636439.595; s_ppv=cfc:about-us:who-we-are; _fbp=fb.1.1619014636445.1619539345; s_cc=true; sc.ASP.NET_SESSIONID=blrqkzgwzrty0mflugplo0is
Connection: keep-alive
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Apr 2021 02:22:41 GMT
ETag: "4a85-5c021c55c8fa8"
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: no-cache
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=194
Content-Length: 19077
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set repOffice_Icon.svg
www.countryfinancial.com/content/dam/cfin/global/ 1 KB
2 KB 130ms
128ms Image
image/svg+xml 208.74.230.119
COUNTRY-INSURANCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.countryfinancial.com/content/dam/cfin/global/repOffice_Icon.svg

Requested by

Host: d2oh4tlt9mrke9.cloudfront.net
URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

208.74.230.119 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE, US),

Reverse DNS

countryfinancialblog.com

Software

Resource Hash

070cfa3608def237f5223abb1aa848179a8f82482681cdf66c2d519801787a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.countryfinancial.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; at_check=true; _ga=GA1.2.1268229134.1619014636; _gid=GA1.2.802112561.1619014636; _gat_gtag_UA_54439328_1=1; s_ecid=MCMID%7C42224272020443715542558374255398585659; AMCVS_5D94123F5245B19E0A490D45%40AdobeOrg=1; _gcl_au=1.1.1861547816.1619014636; mbox=session#2b883bded7a9449480ce02f976cfe830#1619016496|PC#2b883bded7a9449480ce02f976cfe830.37_0#1682259437; AMCV_5D94123F5245B19E0A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18739%7CMCMID%7C42224272020443715542558374255398585659%7CMCAID%7CNONE%7CMCOPTOUT-1619021836s%7CNONE%7CMCAAMLH-1619619436%7C6%7CMCAAMB-1619619436%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-18746%7CvVersion%7C5.2.0; NewRepeat=true; VisitNum=1; DateLastVisit=1619014636439.595; s_ppv=cfc:about-us:who-we-are; _fbp=fb.1.1619014636445.1619539345; s_cc=true; sc.ASP.NET_SESSIONID=blrqkzgwzrty0mflugplo0is
Connection: keep-alive
Referer: https://www.countryfinancial.com/en/about-us/who-we-are.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:17:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Apr 2021 02:22:41 GMT
ETag: "4c6-5c021c55e8b78"
Connection: Keep-Alive
Content-Type: image/svg+xml
Cache-Control: no-cache
Set-Cookie: TS017eb1da=013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88; Path=/; Domain=.www.countryfinancial.com; Secure; HTTPOnly
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 1222
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK GetPageId Show response
ws.sessioncam.com/Record/record.asmx/ 0
219 B 339ms
333ms XHR
text/plain 54.162.154.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sessioncam.com/Record/record.asmx/GetPageId?url=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html
Requested by: Host: d2oh4tlt9mrke9.cloudfront.net
URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.154.79 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://www.countryfinancial.com
Date: Wed, 21 Apr 2021 14:17:17 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK SaveEvents Show response
ws.sessioncam.com/Record/record.asmx/ 0
251 B 105ms
104ms XHR
application/json 54.162.154.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sessioncam.com/Record/record.asmx/SaveEvents?url=https%3A%2F%2Fwww.countryfinancial.com%2Fen%2Fabout-us%2Fwho-we-are.html
Requested by: Host: d2oh4tlt9mrke9.cloudfront.net
URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.154.79 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.countryfinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://www.countryfinancial.com
Date: Wed, 21 Apr 2021 14:17:17 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel
Connection: keep-alive
Content-Length: 0
Content-Type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dpm.demdex.net
URL: http://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5D94123F5245B19E0A490D45%40AdobeOrg&d_nsid=0&ts=1619014635914

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.countryfinancial.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.countryfinancial.com/	1970-01-19 19:53:10	Name: _fbp Value: fb.1.1619014636445.1619539345
www.countryfinancial.com/	1969-12-31 23:59:59	Name: s_ppv Value: cfc:about-us:who-we-are
www.countryfinancial.com/	1970-01-19 18:26:46	Name: DateLastVisit Value: 1619014636439.595
.countryfinancial.com/	1969-12-31 23:59:59	Name: at_check Value: true
.countryfinancial.com/	1970-01-20 11:14:46	Name: AMCV_5D94123F5245B19E0A490D45%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18739%7CMCMID%7C42224272020443715542558374255398585659%7CMCAID%7CNONE%7CMCOPTOUT-1619021836s%7CNONE%7CMCAAMLH-1619619436%7C6%7CMCAAMB-1619619436%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-18746%7CvVersion%7C5.2.0
.demdex.net/	1970-01-19 22:02:46	Name: demdex Value: 21469436942187418353529094252004796520
.countryfinancial.com/	1970-01-20 11:17:39	Name: mbox Value: session#2b883bded7a9449480ce02f976cfe830#1619016496\|PC#2b883bded7a9449480ce02f976cfe830.37_0#1682259437
www.countryfinancial.com/	1969-12-31 23:59:59	Name: NewRepeat Value: true
www.countryfinancial.com/	1969-12-31 23:59:59	Name: VisitNum Value: 1
.countryfinancial.com/	1970-01-20 11:14:46	Name: s_ecid Value: MCMID%7C42224272020443715542558374255398585659
.countryfinancial.com/	1970-01-19 17:45:01	Name: _gid Value: GA1.2.802112561.1619014636
.countryfinancial.com/	1969-12-31 23:59:59	Name: AMCVS_5D94123F5245B19E0A490D45%40AdobeOrg Value: 1
.countryfinancial.com/	1970-01-20 11:14:46	Name: _ga Value: GA1.2.1268229134.1619014636
.countryfinancial.com/	1970-01-19 19:53:10	Name: _gcl_au Value: 1.1.1861547816.1619014636
.countryfinancial.com/	1970-01-19 17:43:34	Name: _gat_gtag_UA_54439328_1 Value: 1
.www.countryfinancial.com/	1969-12-31 23:59:59	Name: TS017eb1da Value: 013196006c0c10c7ba018fa71eedab720ae5d8df78eddf22074b3b608f43397c9dde11088c6c11df8b41db175d87e431297332ea88

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
ccservicesinc.demdex.net
ccservicesinc.tt.omtrdc.net
cl.s11.exct.net
cm.everesttech.net
connect.facebook.net
d2oh4tlt9mrke9.cloudfront.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
px.ads.linkedin.com
smetrics.countryfinancial.com
snap.licdn.com
stats.g.doubleclick.net
ws.sessioncam.com
www.countryfinancial.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
zn6xcdveksdx5g9rn-countryfinancial.siteintercept.qualtrics.com
dpm.demdex.net
104.17.208.240
13.111.71.12
13.224.100.124
13.224.89.207
142.250.185.130
18.200.157.96
208.74.230.119
2620:119:50e4:101::6cae:b55
2620:1ec:22::14
2a00:1450:4001:801::2002
2a00:1450:4001:803::2003
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:82b::2004
2a00:1450:400c:c06::9d
2a02:26f0:7100:180::25ea
2a02:26f0:7100:1b7::1e80
2a03:2880:f013:d:face:b00c:0:3
2a03:2880:f113:81:face:b00c:0:25de
35.181.18.61
52.210.90.219
52.30.135.179
52.51.251.137
54.162.154.79
99.81.11.244
00039484375eededb3ba7f44e6f8643efcc71096d52a9c555071c999ab5e2777
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
070cfa3608def237f5223abb1aa848179a8f82482681cdf66c2d519801787a40
09670d52dce56bb848da1926fa300457a8be0cd08797795495514edd08a5c3be
103fb403061f14b7bb48f52ddd0882ad99c5f3e2e62d7fd4f880964885ebad74
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1741f0b92c1b9374b6ffedddc30d62d2bd2c9144ba08d081fb39f4d3289f9a90
1a8bc2ff14c32714cbf0dae8a0d4913eda0305acbe7019242cac29ba1e25dfa5
1e091402a573f321a73afb0cb35939b6e7403b85820de276581c8ff90809c469
236e54ad907b0ba33003618ea520b2e2d123695784ba9e0795e13c59b0b7f76b
2a14a7252460b36b7a8916763abc10ba88e5ea5ec4b00c61c03617eb9d86b810
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
49d2ad97a15c9fabdb9fc665eee644b5f0ae6fa7613bc8a8b8cf9a5153abd094
4bcba6725de272085a7e5daccbaa3e90612f8af82845ee7296f1593d52367da5
55b4cc90a8f3845fc6b2efdf517de51e9019d6a3f1fe14aefff9be074aebf44d
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
5f778592cd3b3503d240305b96df05b48de3f0be4941f85d77baf75a514a0cb9
713b56227b7ef8fda69bc879039976821756aae421b776d206c6ce36143f5ce7
7832721fb2b8862097d84c4a2883814d9cd1ec84e71b0d3ef82753d4c7241298
791497f979acbf9eb18745b34f8d97976d4a1182dd5fa21f9d38fa2afd1b70b4
79be78baff23d50daf61be9572106c11ccf4136f91d158ea62768d9e3c60c229
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a1135ab564075a688ab56729ea6e9e2e6b278aad4f305608347049ac258266
85bbc888dfb0550dc9fabc8a884f0620febad50124c986a1745eb77052b66c6a
98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4
9eb46afef16960c90d1c6e212670fe9cc1876b50a558a34a507c5bd3d3289d23
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a59f60fbd72a8f75b857fab6c7b347acb0ee615beaf798b6b8912fed504f9b46
a8c0cb8de53fab7b4947431b264c78723dd481da5a84f69290fae70a8eaab68f
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ab4445358686b70ac970e737c38db1e67ec82f1fadbc579d9cef99032e6f5aa0
c51e26fd7749e73f0b93a5b24c72b1bf652a0f5eeda782a6eea2fe037c4ad76d
c5972e50b4cdfda02708d4c32381299c433d2a1a57c9aa791ae645a0da37a90a
c69737729bfeffad46e66417ed01bff74a95b62b5265abafe011777f5d87f09f
c88f27aa1960c709d984fdd87c9de6f1cdefcc6488edd2d34c76c3708575040f
c8f81685823443c11aa931e22c8e0fb2c04e716ac720b2c2a687d08a71b10cbe
d50383dcf80a173e67b097074c5a949e9e33c8b006eb6fe1eecb406ae4228b5b
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
db281d4dfe0de9101e712229108033bc983d810ddba073e6dd642bdaa639b940
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f20720b00af7a5dc968cb4af0ab0267f97ab4db84541de035d30c1cab71e1f1a
f3d7092e6eb6f3aa0c572e52e061a59cc88a3e9eff581c95c4bd7456800904d0
f5898f1fbf9628861c7fff057c5259d817cfcef03197227af00a3af3e1533003
ff61cc682335c684cc99d380b7fac1d84fb59d5543a403c129f0d1b6419bc83e

www.countryfinancial.com Open in urlscan Pro 208.74.230.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

69 Requests

99 %HTTPS

52 %IPv6

22 Domains

27 Subdomains

25 IPs

5 Countries

1156 kBTransfer

2458 kBSize

17 Cookies

11 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.countryfinancial.com Open in urlscan Pro
208.74.230.119 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

99 %
HTTPS

52 %
IPv6

22
Domains

27
Subdomains

25
IPs

5
Countries

1156 kB
Transfer

2458 kB
Size

17
Cookies

69 HTTP transactions
0 data transactions