highlandfinancialgrp.com Open in urlscan Pro
148.72.8.123 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://highlandfinancialgrp.com/good-bye/
Submission: On February 21 via api (February 21st 2023, 12:53:27 pm UTC) from US — Scanned from DE

Summary HTTP 67 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 9 domains to perform 67 HTTP transactions. The main IP is 148.72.8.123, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is highlandfinancialgrp.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 18th 2023. Valid for: 3 months.

This is the only time highlandfinancialgrp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	148.72.8.123 148.72.8.123	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1 1	104.26.8.183 104.26.8.183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:20:... 2606:4700:20::ac43:4703	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	52.217.76.238 52.217.76.238	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:80d::200a	15169 (GOOGLE) (GOOGLE)
2	52.6.176.11 52.6.176.11	14618 (AMAZON-AES) (AMAZON-AES)
1	52.217.167.233 52.217.167.233	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
67	14

25 148.72.8.123 (Ashburn, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 123.8.72.148.host.secureserver.net

highlandfinancialgrp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.8.183 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

code.tidio.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::ac43:4703 (United States)

ASN13335 (CLOUDFLARENET, US)

widget-v4.tidiochat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avatars.tidiochat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.76.238 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.6.176.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-176-11.compute-1.amazonaws.com

app.provely.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.167.233 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

tidio-images-messenger.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

khms0.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	highlandfinancialgrp.com highlandfinancialgrp.com	561 KB
19	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 365 ajax.googleapis.com — Cisco Umbrella Rank: 298 fonts.googleapis.com — Cisco Umbrella Rank: 43 khms0.googleapis.com — Cisco Umbrella Rank: 5809	337 KB
8	tidiochat.com widget-v4.tidiochat.com — Cisco Umbrella Rank: 16723 avatars.tidiochat.com — Cisco Umbrella Rank: 291532	338 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2	75 KB
4	gstatic.com maps.gstatic.com fonts.gstatic.com	101 KB
2	provely.io app.provely.io — Cisco Umbrella Rank: 176247	4 KB
2	amazonaws.com s3.amazonaws.com tidio-images-messenger.s3.amazonaws.com — Cisco Umbrella Rank: 516836	147 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 196	2 KB
1	tidio.co 1 redirects code.tidio.co — Cisco Umbrella Rank: 14444	483 B
67	9

	Domain	Requested by
25	highlandfinancialgrp.com	highlandfinancialgrp.com
15	maps.googleapis.com	www.google.com maps.googleapis.com highlandfinancialgrp.com
7	widget-v4.tidiochat.com	highlandfinancialgrp.com code.tidio.co
6	www.google.com	highlandfinancialgrp.com maps.googleapis.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	maps.googleapis.com
2	app.provely.io	ajax.googleapis.com s3.amazonaws.com
2	maps.gstatic.com	www.google.com highlandfinancialgrp.com
1	khms0.googleapis.com
1	cdnjs.cloudflare.com
1	avatars.tidiochat.com
1	tidio-images-messenger.s3.amazonaws.com
1	ajax.googleapis.com	s3.amazonaws.com
1	s3.amazonaws.com	highlandfinancialgrp.com
1	code.tidio.co	1 redirects
67	15

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
highlandfinancialgrp.com cPanel, Inc. Certification Authority	`2023-01-18` - `2023-04-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2022-12-06` - `2023-12-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-17`	a year	crt.sh
provely.io Amazon	`2022-08-31` - `2023-09-29`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://highlandfinancialgrp.com/good-bye/
Frame ID: 0CFE6913F218CF8730A6B269EF735505
Requests: 30 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3313.4599447708474!2d-84.36846918585307!3d33.852035535703536!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x88f5094c0a398e9b%3A0x8632236150c09796!2sHighland+Financial+Group!5e0!3m2!1sen!2sus!4v1499961542395
Frame ID: F8BF6A334F49D553C0BBE2C4FBD5C587
Requests: 42 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/1_141_0/static/js/chunk-WidgetIframe-326fdf51a69c63448a75.js
Frame ID: 917F9F82D70F077994BBDA23D58C26D7
Requests: 5 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Frame ID: 06289A07CF70681293A157F836139950
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Good Bye – Highland Financial Capital Group

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

67
Requests

99 %
HTTPS

64 %
IPv6

9
Domains

15
Subdomains

14
IPs

3
Countries

1565 kB
Transfer

4630 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/pages/Highland-Capital-Group/190748771003070

Search URL Search Domain Scan URL

URL: https://twitter.com/HighlandFinanci

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/groups/Atlanta-Equity-Investment-Group-1815214/about

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://code.tidio.co/nzuuc2cogunhhq2cupw5wccne2kdyeem.js HTTP 302
https://widget-v4.tidiochat.com/1_141_0/static/js/render.326fdf51a69c63448a75.js

67 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
highlandfinancialgrp.com/good-bye/ 55 KB
13 KB 497ms
178ms Document
text/html 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache / PHP/7.3.33
Resource Hash: 9685709dbc5d7f5f167d8aad50e1fb701b6ebe6f307086a3a8783e09f9988124

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3, must-revalidate
content-encoding: gzip
content-length: 13117
content-type: text/html; charset=UTF-8
date: Tue, 21 Feb 2023 12:53:21 GMT
last-modified: Tue, 21 Feb 2023 12:50:10 GMT
server: Apache
vary: Accept-Encoding,Cookie
x-powered-by: PHP/7.3.33

GET
H2 200 jquery.bxslider.css
highlandfinancialgrp.com/wp-content/plugins/testimonials-widget/includes/libraries/testimonials-widget/includes/libraries/bxslider-4/dist/ 4 KB
1 KB 156ms
153ms Stylesheet
text/css 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/wp-content/plugins/testimonials-widget/includes/libraries/testimonials-widget/includes/libraries/bxslider-4/dist/jquery.bxslider.css?ver=cf8c8e12ba37136e2177f263b794f95b
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: 2a71d14cea1c3c9aa7a217f8d053955ef35812b2c8446f01199bcc78eb52d3ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:21 GMT
content-encoding: br
last-modified: Tue, 03 May 2022 20:09:19 GMT
server: Apache
etag: "20a018c-fca-5de21157799c0-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1057

GET
H2 200 testimonials-widget.css
highlandfinancialgrp.com/wp-content/plugins/testimonials-widget/includes/libraries/testimonials-widget/assets/css/ 3 KB
607 B 157ms
154ms Stylesheet
text/css 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/wp-content/plugins/testimonials-widget/includes/libraries/testimonials-widget/assets/css/testimonials-widget.css?ver=cf8c8e12ba37136e2177f263b794f95b
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: a454a2f6c753dfa1f31cc7f4a732dc5e81f523c265c4e2cd0350b8e5218c3028

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:21 GMT
content-encoding: br
last-modified: Tue, 03 May 2022 20:09:19 GMT
server: Apache
etag: "20a00db-a1a-5de21157799c0-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 550

GET
H2 200 testimonials-widget-premium.css
highlandfinancialgrp.com/wp-content/plugins/testimonials-widget/assets/css/ 2 KB
460 B 156ms
154ms Stylesheet
text/css 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/wp-content/plugins/testimonials-widget/assets/css/testimonials-widget-premium.css?ver=cf8c8e12ba37136e2177f263b794f95b
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: 6828300d5b79d0f302a4592359059d88c8ab8b55ec1892e90495fb8c4c00f7c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:21 GMT
content-encoding: br
last-modified: Tue, 03 May 2022 20:09:19 GMT
server: Apache
etag: "2081d2c-708-5de21157799c0-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 403

GET
H2 200 cookie-law-info-public.css
highlandfinancialgrp.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 3 KB
905 B 157ms
155ms Stylesheet
text/css 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.0.8
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:21 GMT
content-encoding: br
last-modified: Mon, 02 Jan 2023 20:09:54 GMT
server: Apache
etag: "254019d-c22-5f14d88dc51ee-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 824

GET
H2 200 cookie-law-info-gdpr.css
highlandfinancialgrp.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 27 KB
4 KB 308ms
306ms Stylesheet
text/css 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.0.8
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: 655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:21 GMT
content-encoding: br
last-modified: Mon, 02 Jan 2023 20:09:54 GMT
server: Apache
etag: "254019f-6a71-5f14d88dc55d6-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 4118

GET
H2 200 genericons.css
highlandfinancialgrp.com/wp-content/plugins/show-hidecollapse-expand/assets/css/genericons/ 28 KB
16 KB 274ms
272ms Stylesheet
text/css 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/wp-content/plugins/show-hidecollapse-expand/assets/css/genericons/genericons.css?ver=cf8c8e12ba37136e2177f263b794f95b
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: 33edb620b81a07506bef700f4829db420709846a992e802f45d86a9b184a6d63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:21 GMT
content-encoding: br
last-modified: Sun, 27 Jun 2021 18:51:00 GMT
server: Apache
etag: "2081bcd-704c-5c5c3da944d00-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 16134

GET
H2 200 bg-show-hide.css
highlandfinancialgrp.com/wp-content/plugins/show-hidecollapse-expand/assets/css/ 9 KB
1 KB 157ms
155ms Stylesheet
text/css 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/wp-content/plugins/show-hidecollapse-expand/assets/css/bg-show-hide.css?ver=cf8c8e12ba37136e2177f263b794f95b
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: 18e4c73a0a195433516f41fa6cf708e88f7c48d1efc549d15b3782b6fde7ef89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:21 GMT
content-encoding: br
last-modified: Sun, 27 Jun 2021 18:51:00 GMT
server: Apache
etag: "2081bc8-25c9-5c5c3da944d00-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1358

GET
H2 200 1f0cb79643e169f33023c3050f2df5c8.min.css
highlandfinancialgrp.com/wp-content/uploads/fusion-styles/ 1 MB
131 KB 459ms
458ms Stylesheet
text/css 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/wp-content/uploads/fusion-styles/1f0cb79643e169f33023c3050f2df5c8.min.css?ver=3.3
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: 5d43714f050311083dee6a58ccbb27aa1883bce45ed80f11012f0ce37eb32b7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:21 GMT
content-encoding: br
last-modified: Wed, 27 Oct 2021 10:10:49 GMT
server: Apache
etag: "20c0986-125c85-5cf52cee5fc40-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes

GET
H2 200 jquery.min.js Show response
highlandfinancialgrp.com/wp-includes/js/jquery/ 87 KB
30 KB 310ms
308ms Script
application/javascript 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:21 GMT
content-encoding: br
last-modified: Tue, 20 Jul 2021 20:01:36 GMT
server: Apache
etag: "20c1170-15db1-5c793856a2800-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 30310

GET
H2 200 jquery-migrate.min.js Show response
highlandfinancialgrp.com/wp-includes/js/jquery/ 11 KB
4 KB 610ms
609ms Script
application/javascript 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:21 GMT
content-encoding: br
last-modified: Wed, 09 Dec 2020 08:50:35 GMT
server: Apache
etag: "20c1168-2bd8-5b604270f6cc0-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3998

GET
H2 200 cookie-law-info-public.js Show response
highlandfinancialgrp.com/wp-content/plugins/cookie-law-info/legacy/public/js/ 33 KB
7 KB 611ms
610ms Script
application/javascript 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.8
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: 6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:21 GMT
content-encoding: br
last-modified: Mon, 02 Jan 2023 20:09:54 GMT
server: Apache
etag: "2560f9d-8583-5f14d88dc5da6-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 7229

GET
H2 200 Highland-Logo-300x92-2.png
highlandfinancialgrp.com/wp-content/uploads/2019/12/ 21 KB
22 KB 156ms
155ms Image
image/png 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://highlandfinancialgrp.com/wp-content/uploads/2019/12/Highland-Logo-300x92-2.png
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: a7a86c113b0a44a7ff027f517644b295d4ab2f6de663c8faced1c35ffcdc2079

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:22 GMT
last-modified: Tue, 31 Dec 2019 15:47:51 GMT
server: Apache
accept-ranges: bytes
etag: "20c0472-5535-59b01e1e977c0"
content-length: 21813
content-type: image/png

GET
H2 200 Highland-Logo-Mobile.jpg
highlandfinancialgrp.com/wp-content/uploads/2018/12/ 82 KB
83 KB 156ms
155ms Image
image/jpeg 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://highlandfinancialgrp.com/wp-content/uploads/2018/12/Highland-Logo-Mobile.jpg
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: 93eb1fedbfd3b6d72d2b1ed0940da84a6a4d369bb0f48730b74e1121811e17c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:22 GMT
last-modified: Thu, 15 Aug 2019 05:39:29 GMT
server: Apache
accept-ranges: bytes
etag: "20c0430-14826-590214c1f6640"
content-length: 84006
content-type: image/jpeg

GET
H2 200 Highland-Logo.png
highlandfinancialgrp.com/wp-content/uploads/2018/12/ 127 KB
128 KB 315ms
314ms Image
image/png 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://highlandfinancialgrp.com/wp-content/uploads/2018/12/Highland-Logo.png
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: 34429b1c4e66ecd0783aca2ebe97823e859e6d2872c0ee73a7db408ac495d165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:22 GMT
last-modified: Thu, 15 Aug 2019 05:39:31 GMT
server: Apache
accept-ranges: bytes
etag: "20c0432-1fb46-590214c3deac0"
content-length: 129862
content-type: image/png

GET
H2 200 wp-emoji-release.min.js Show response
highlandfinancialgrp.com/wp-includes/js/ 18 KB
5 KB 458ms
458ms Script
application/javascript 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/wp-includes/js/wp-emoji-release.min.js?ver=cf8c8e12ba37136e2177f263b794f95b
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:22 GMT
content-encoding: br
last-modified: Tue, 20 Jul 2021 20:01:36 GMT
server: Apache
etag: "20c10bd-4705-5c793856a2800-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4542

GET
H2 200 style.min.css
highlandfinancialgrp.com/wp-includes/css/dist/block-library/ 81 KB
10 KB 312ms
312ms Stylesheet
text/css 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/wp-includes/css/dist/block-library/style.min.css?ver=cf8c8e12ba37136e2177f263b794f95b
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:22 GMT
content-encoding: br
last-modified: Mon, 16 May 2022 20:59:07 GMT
server: Apache
etag: "20c0f76-145db-5df274b80bcc0-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 10546

GET
H2 200 effect.min.js Show response
highlandfinancialgrp.com/wp-includes/js/jquery/ui/ 17 KB
6 KB 156ms
155ms Script
application/javascript 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: c953f80cf0bb98945638528f71bafd7e837aac873b241533013b5170535e78fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:22 GMT
content-encoding: br
last-modified: Mon, 16 May 2022 20:59:07 GMT
server: Apache
etag: "20c11ac-43cf-5df274b80bcc0-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 6309

GET
H2 200 effect-slide.min.js Show response
highlandfinancialgrp.com/wp-includes/js/jquery/ui/ 901 B
542 B 156ms
154ms Script
application/javascript 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/wp-includes/js/jquery/ui/effect-slide.min.js?ver=1.13.1
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: f7f639c14daca92fe9f66f08d4ef076d2413eb99dbc35129158de1814d1d7c91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:22 GMT
content-encoding: br
last-modified: Mon, 16 May 2022 20:59:07 GMT
server: Apache
etag: "20c11a8-385-5df274b80bcc0-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 484

GET
H2 200 effect-highlight.min.js Show response
highlandfinancialgrp.com/wp-includes/js/jquery/ui/ 632 B
399 B 155ms
153ms Script
application/javascript 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/wp-includes/js/jquery/ui/effect-highlight.min.js?ver=1.13.1
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: fe4a54844495b5ea28b5813e3c2baa18da12c9c9d1ca6d130973f50aec64be15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:22 GMT
content-encoding: br
last-modified: Mon, 16 May 2022 20:59:07 GMT
server: Apache
etag: "20c119c-278-5df274b80bcc0-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 342

GET
H2 200 effect-fold.min.js Show response
highlandfinancialgrp.com/wp-includes/js/jquery/ui/ 1004 B
566 B 156ms
154ms Script
application/javascript 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/wp-includes/js/jquery/ui/effect-fold.min.js?ver=1.13.1
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: b7b764d39a628eb68e0435b1f89ce33b1a8b297a98f517653fc1ba37677c03b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:22 GMT
content-encoding: br
last-modified: Mon, 16 May 2022 20:59:07 GMT
server: Apache
etag: "20c119a-3ec-5df274b80bcc0-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 509

GET
H2 200 effect-blind.min.js Show response
highlandfinancialgrp.com/wp-includes/js/jquery/ui/ 864 B
502 B 157ms
155ms Script
application/javascript 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/wp-includes/js/jquery/ui/effect-blind.min.js?ver=1.13.1
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: 5b7cf2e9a80f496ad0b7673b4228631a2262599454e1d420cd262d72ec087fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:22 GMT
content-encoding: br
last-modified: Mon, 16 May 2022 20:59:07 GMT
server: Apache
etag: "20c118e-360-5df274b80bcc0-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 445

GET
H2 200 bg-show-hide.js Show response
highlandfinancialgrp.com/wp-content/plugins/show-hidecollapse-expand/assets/js/ 3 KB
883 B 158ms
156ms Script
application/javascript 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/wp-content/plugins/show-hidecollapse-expand/assets/js/bg-show-hide.js?ver=cf8c8e12ba37136e2177f263b794f95b
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: e367fa329ea832bb95d3b65639677879f70fa7e77a2953a99b3f88b6114cb0fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:22 GMT
content-encoding: br
last-modified: Sun, 27 Jun 2021 18:51:00 GMT
server: Apache
etag: "2081bd1-bc6-5c5c3da944d00-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 825

GET
H2 200 50bd38a408b384386ea4c9cef8c61fea.min.js Show response
highlandfinancialgrp.com/wp-content/uploads/fusion-scripts/ 358 KB
83 KB 308ms
307ms Script
application/javascript 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/wp-content/uploads/fusion-scripts/50bd38a408b384386ea4c9cef8c61fea.min.js?ver=3.3
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: b74a4a83f0b6ee52334e2cf2119fb930852a31a805de30c2eb9088235fb492c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/good-bye/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:22 GMT
content-encoding: br
last-modified: Thu, 26 Aug 2021 23:55:22 GMT
server: Apache
etag: "20c0977-596b2-5ca7f198ece80-br"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 84421

GET
H2

200

render.326fdf51a69c63448a75.js Show response
widget-v4.tidiochat.com/1_141_0/static/js/
Redirect Chain

https://code.tidio.co/nzuuc2cogunhhq2cupw5wccne2kdyeem.js
https://widget-v4.tidiochat.com/1_141_0/static/js/render.326fdf51a69c63448a75.js

22 KB
8 KB

46ms
16ms

Script
application/javascript

2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/1_141_0/static/js/render.326fdf51a69c63448a75.js
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 007651dbf596dc66b447b1512e5956977e667d3c801e3032782df7d8867936c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 13:03:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6448
etag: W/"63ecd81b-571f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63U3VZOij%2BPmuFVsXUlP4Utk5QO8cXKh0rXK0UbxYTkvehVx9Zi1%2B5LP9tysHoDNvQfCKmM2WYC8t5KL67oVVys47KjIcEH8wJbZyb%2BbGVS%2BbfYpwMl7TdEPbrJ7Wsxo71sx8gGVwr76Sfv2CZcmxjDZlD0N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 79cf9fe0a8299b88-FRA

Redirect headers

date: Tue, 21 Feb 2023 12:53:22 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
widget-cache-status: HIT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HL1Aw1B6JpYuFlPSK0YXTyIr2gjzvHvyl4a5LJ7%2F8GTuuKMTE3wIt2gTRUeKHUmURDSTvlFZuBWJ0DcUpsV2c0pMLQdzw1Qdrn5eT0kCftAya%2FC2CxLrpcxdACJ4E1U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://widget-v4.tidiochat.com/1_141_0/static/js/render.326fdf51a69c63448a75.js
cache-control: public, s-maxage=300, max-age=0
cf-ray: 79cf9fe0290637d1-FRA

GET
H2 200 embed Show response
www.google.com/maps/ Frame F8BF 4 KB
2 KB 237ms
213ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3313.4599447708474!2d-84.36846918585307!3d33.852035535703536!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x88f5094c0a398e9b%3A0x8632236150c09796!2sHighland+Financial+Group!5e0!3m2!1sen!2sus!4v1499961542395

Requested by

Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

2650381b0abcf47a01f03e0e6d1d8785af9252dc7d731dcd7d14e7ac88dade04

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-S0h6ZVYFPpRed-wOz2H_rw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://highlandfinancialgrp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1386
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-S0h6ZVYFPpRed-wOz2H_rw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
date: Tue, 21 Feb 2023 12:53:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: scaffolding on HTTPServer2
vary: Accept-Language Origin X-Origin Referer
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 icomoon.woff
highlandfinancialgrp.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 20 KB
13 KB 442ms
442ms Font
font/woff 148.72.8.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://highlandfinancialgrp.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/wp-content/uploads/fusion-styles/1f0cb79643e169f33023c3050f2df5c8.min.css?ver=3.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.8.123 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 123.8.72.148.host.secureserver.net
Software: Apache /
Resource Hash: 22c851d5f36813ff8cbb4ab0d16273aa1eb536f84f2c56b53df8d2c7a54479a4

Request headers

Referer: https://highlandfinancialgrp.com/wp-content/uploads/fusion-styles/1f0cb79643e169f33023c3050f2df5c8.min.css?ver=3.3
Origin: https://highlandfinancialgrp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:22 GMT
content-encoding: br
last-modified: Tue, 30 Mar 2021 20:51:54 GMT
server: Apache
etag: "20a14fe-51ac-5bec72b132e80-br"
vary: Accept-Encoding
content-type: font/woff
accept-ranges: bytes
content-length: 12909

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame F8BF 171 KB
56 KB 32ms
10ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3313.4599447708474!2d-84.36846918585307!3d33.852035535703536!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x88f5094c0a398e9b%3A0x8632236150c09796!2sHighland+Financial+Group!5e0!3m2!1sen!2sus!4v1499961542395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

f82500cab210326df5603494d49d3fab377c5beffe021934c121f2fb663bd41b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:27:46 GMT
content-encoding: gzip
server: mafe
age: 1536
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57302
x-xss-protection: 0
expires: Tue, 21 Feb 2023 12:57:46 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame F8BF 3 B
46 B 53ms
28ms XHR
application/json 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.google.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 init_embed.js Show response
maps.gstatic.com/maps-api-v3/embed/js/52/1/intl/de_ALL/ Frame F8BF 223 KB
69 KB 40ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.gstatic.com/maps-api-v3/embed/js/52/1/intl/de_ALL/init_embed.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bca4214791d880e2e0b1983c848365ad5d09e331a75f3f98c4a5d853e5bedd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 20:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69650
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 00:20:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 20:30:22 GMT

GET
H/1.1 200
OK provely-2.0.js Show response
s3.amazonaws.com/provely-public/w/ 19 KB
19 KB 317ms
117ms Script
application/javascript 52.217.76.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/provely-public/w/provely-2.0.js
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.76.238 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cb6d40a53f0decda2c464eae0617970c98d792a08137c79501424bc620b28d3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 12:53:24 GMT
Last-Modified: Thu, 15 Sep 2022 04:35:26 GMT
Server: AmazonS3
x-amz-request-id: 4MFJT9MC2D464822
ETag: "ef25040e9190338649091a8cd0320c8b"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 19075
x-amz-id-2: 7MwU1S1H5rmVGWsiZBIUJ4Z14KFW0FGueElllOSEnCTvBPrz7GrSOPfhVIzr+Rfq/41lIs6WokA=

GET
H2 200 chunk-WidgetIframe-326fdf51a69c63448a75.js Show response
widget-v4.tidiochat.com/1_141_0/static/js/ Frame 917F 347 KB
89 KB 27ms
25ms Script
application/javascript 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/1_141_0/static/js/chunk-WidgetIframe-326fdf51a69c63448a75.js
Requested by: Host: code.tidio.co
URL: https://code.tidio.co/nzuuc2cogunhhq2cupw5wccne2kdyeem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b24beb80353525a9e3bdf8e8e2f8e5162d81690396d184328038009af053c27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 13:03:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2120
etag: W/"63ecd81b-56a74"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFlBrDGuZzOxj7HrOT4Z%2FxQWGUyzIsgnBLvVCEY72XUsa%2BTYARDlnoKGXeDsH5JCb4E4TUDNL72Ec8Ov1u0FOvP%2BaC28WQj%2FhHKkEflPS02kj5yVqOuLRIDhDIopLyxE2z9NRXXLMDHvMw9ey8Z56YAjS9ul"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 79cf9fe2bb989b88-FRA

GET
H2 200 mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame 917F 27 KB
27 KB 44ms
25ms Font
font/woff2 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Requested by: Host: code.tidio.co
URL: https://code.tidio.co/nzuuc2cogunhhq2cupw5wccne2kdyeem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8

Request headers

Referer
Origin: https://highlandfinancialgrp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:23 GMT
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 13:03:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 209
etag: "63ecd817-6b08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1L%2F6t39K%2FKFA94pvWNPHuZqq4hdXwaN8i%2FqxuIJDP0FA%2Fmd8%2BDvkrDPD0qbL5SbD7jigjY5jRZ20ayzNBz3XjNB7wMQtDEPzIb4LDC%2B%2BddQ6bR1JfHMAnNuID7v3evPJbDsAy2nL%2BSJ2FYu6glK%2BI5QBJjP"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 79cf9fe2d85890ae-FRA
content-length: 27400

GET
H2 206 tururu.mp3
widget-v4.tidiochat.com// Frame 917F 7 KB
7 KB 17ms
15ms Media
audio/mpeg 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com//tururu.mp3
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 21 Feb 2023 12:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 578562
Content-Range: bytes 0-7223/7224
Content-Length: 7224
pragma: public
last-modified: Tue, 14 Feb 2023 10:23:04 GMT
server: cloudflare
etag: "63eb6108-1c38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2z9imhmmuWurFLmn7H11IuG93F3OkTLvJPqekNyU5tzhGdgrhgLvwyOiIbl7RkVVG9k72ayZCtskhQQMyl55i3u2AkvFExOsvqNtFdavEVluGQw7LdCvqnkTd0zMCFvgqDx2zI8yoeMhRvyyurCXZSe0toB"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=31536000
cf-ray: 79cf9fe2cbb29b88-FRA
expires: Tue, 28 Feb 2023 20:10:41 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/ Frame F8BF 270 KB
76 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e3dabfd5fb9a19d057d0fe49102c8170ddef0cc1743e705a314a4e1f0f73a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 20:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77075
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 00:21:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 20:13:44 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/ Frame F8BF 159 KB
58 KB 16ms
12ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b11f0e99e5953681749ca4ad11699cadf46c90a561f2e7543123a83fb55f3ab5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 22:57:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59537
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 00:21:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 22:57:55 GMT

GET
H2 200 map.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/ Frame F8BF 76 KB
27 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/map.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f72fedfff31f1ae6250bf47c8425ced3bb21ea3a0cd0a4ea02318aa50a4fe853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 20:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27612
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 00:21:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 20:13:44 GMT

GET
H3 200 overlay.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/ Frame F8BF 3 KB
1 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/overlay.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1834c3da2fabdef10d97e16658295065d7bc5d93f6cbaa4e76da206e74f9dc78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 20:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1370
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 00:21:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 20:14:28 GMT

GET
DATA 200
OK truncated
/ Frame F8BF 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame F8BF 21 KB
21 KB 16ms
12ms Image
image/png 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i2228302&2i3355015&2e1&3u15&4m2&1u250&2u250&5m6&1e0&5sde-DE&6sus&10b1&12b1&14i1379903&client=google-maps-embed&token=21967

Requested by

Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

5223bb193ac73918b53434ee625b4d5409b4d5b5124ca19d890071ff17f0a0c5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:50:44 GMT
server: scaffolding on HTTPServer2
age: 159
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=86400
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21241
x-xss-protection: 0
expires: Wed, 22 Feb 2023 12:50:44 GMT

GET
H3 200 onion.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/ Frame F8BF 27 KB
10 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/onion.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88cc963087f36b037c5fc4371811504bd7d2e44aa8a0db0c5fe06e9738e1111c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 20:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10058
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 00:21:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 20:13:44 GMT

GET
H3 200 search_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/ Frame F8BF 3 KB
1 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/search_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a188fbb8b61131f413fca2b8b1978c33cb89e7a3210dfb665bc8a290d1280c85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 20:21:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1405
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 00:21:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 20:21:44 GMT

GET
H2 200 openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame F8BF 326 B
692 B 15ms
15ms Image
image/bmp 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/openhand_8_8.cur

Requested by

Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:23 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/bmp
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Tue, 21 Feb 2023 12:53:23 GMT

GET
H3 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ Frame F8BF 13 KB
2 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d33.83778220723669&2d-84.38284129700479&2m2&1d33.86540343188383&2d-84.34987402887755&2u15&4sde-DE&5e0&6sm%40634000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._a4hfsl&client=google-maps-embed&token=108232

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

7c610d4c965ec9c40d92ae638cb7caa6f01845cfb3153af07cf053ba0841a943

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 12:53:23 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=15
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2126
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget.326fdf51a69c63448a75.js Show response
widget-v4.tidiochat.com/1_141_0/static/js/ Frame 917F 532 KB
164 KB 31ms
30ms Script
application/javascript 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/1_141_0/static/js/widget.326fdf51a69c63448a75.js
Requested by: Host: code.tidio.co
URL: https://code.tidio.co/nzuuc2cogunhhq2cupw5wccne2kdyeem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75a18ff6c9f361ac782380effe66dab49ccb0d5a1759b9900bff06d46c9ad740

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 13:03:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6436
etag: W/"63ecd81b-84ef4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFCcb12i3q1s6T%2BugxXucQ%2FvBt97w06GvyDI6%2FNvOax0vUFafYX9M%2BdVAYTTXpO0RcZaVXX153wA5wYf94hF%2ByN758f3MSXzXBUKo0MKh4om9IilgSolxNMKhuOqTA8slFSz2lushYGVm0EBwlhBy4lKYLkQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 79cf9fe3dd739b88-FRA

GET
H3 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ Frame F8BF 62 B
84 B 23ms
23ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m1&1e0&8b0&callback=_xdc_._uxcir0&client=google-maps-embed&token=64385

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

5da1360295132675024820ab37f9bc1c658f6b900180906ec44125f8127f762e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 12:53:23 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=17
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vt
www.google.com/maps/ Frame F8BF 21 KB
21 KB 122ms
121ms Image
image/png 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i15!2i8705!3i13106!4i256!2m3!1e0!2sm!3i634373623!2m36!1e2!2sspotlight!5i1!8m32!1m2!12m1!20e1!2m6!1s0x88f5094c0a398e9b%3A0x8632236150c09796!2sHighland+Financial+Group!4m2!3d33.8520311!4d-84.3662805!5e0!11e11!13m12!2sa!14b1!18m5!6b0!9b1!20b1!21b1!22b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!19u87!3m12!2sde-DE!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0!23i1379903&client=google-maps-embed&token=112419

Requested by

Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

0a929c0d354c1509e9996481370970899205b2c1abcc964f4a34a94e5de9c346

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3313.4599447708474!2d-84.36846918585307!3d33.852035535703536!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x88f5094c0a398e9b%3A0x8632236150c09796!2sHighland+Financial+Group!5e0!3m2!1sen!2sus!4v1499961542395
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:23 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21571
x-xss-protection: 0
x-server-version-bin: CggIBBCL/7efBgoICAUQk8KnnwY=
server: scaffolding on HTTPServer2
etag: 04440e58bebc83c56
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=300
expires: Tue, 21 Feb 2023 12:58:23 GMT

GET
H2 200 vt
www.google.com/maps/ Frame F8BF 22 KB
23 KB 118ms
117ms Image
image/png 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i15!2i8704!3i13106!4i256!2m3!1e0!2sm!3i634373623!2m36!1e2!2sspotlight!5i1!8m32!1m2!12m1!20e1!2m6!1s0x88f5094c0a398e9b%3A0x8632236150c09796!2sHighland+Financial+Group!4m2!3d33.8520311!4d-84.3662805!5e0!11e11!13m12!2sa!14b1!18m5!6b0!9b1!20b1!21b1!22b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!19u87!3m12!2sde-DE!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0!23i1379903&client=google-maps-embed&token=110409

Requested by

Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

866502701b3005a553ca2ef331f714349ab805c9dcca66c7e750d048a32b33d0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3313.4599447708474!2d-84.36846918585307!3d33.852035535703536!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x88f5094c0a398e9b%3A0x8632236150c09796!2sHighland+Financial+Group!5e0!3m2!1sen!2sus!4v1499961542395
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:23 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22989
x-xss-protection: 0
x-server-version-bin: CggIBBCL/7efBgoICAUQk8KnnwY=
server: scaffolding on HTTPServer2
etag: 09ab093510d4e70e5
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=300
expires: Tue, 21 Feb 2023 12:58:23 GMT

GET
H2 200 vt
www.google.com/maps/ Frame F8BF 14 KB
14 KB 132ms
131ms Image
image/png 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i15!2i8704!3i13105!4i256!2m3!1e0!2sm!3i634373623!2m36!1e2!2sspotlight!5i1!8m32!1m2!12m1!20e1!2m6!1s0x88f5094c0a398e9b%3A0x8632236150c09796!2sHighland+Financial+Group!4m2!3d33.8520311!4d-84.3662805!5e0!11e11!13m12!2sa!14b1!18m5!6b0!9b1!20b1!21b1!22b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!19u87!3m12!2sde-DE!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0!23i1379903&client=google-maps-embed&token=53314

Requested by

Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

68dd7dd72dd47f439cb0947c37c4216e1c24769cf7ac4db649c26ea628008c0b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3313.4599447708474!2d-84.36846918585307!3d33.852035535703536!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x88f5094c0a398e9b%3A0x8632236150c09796!2sHighland+Financial+Group!5e0!3m2!1sen!2sus!4v1499961542395
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:23 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=118
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14122
x-xss-protection: 0
x-server-version-bin: CggIBBCL/7efBgoICAUQk8KnnwY=
server: scaffolding on HTTPServer2
etag: 04fa89f18e69c1fd7
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=300
expires: Tue, 21 Feb 2023 12:58:23 GMT

GET
H2 200 vt
www.google.com/maps/ Frame F8BF 14 KB
14 KB 113ms
112ms Image
image/png 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/maps/vt?pb=!1m5!1m4!1i15!2i8705!3i13105!4i256!2m3!1e0!2sm!3i634373623!2m36!1e2!2sspotlight!5i1!8m32!1m2!12m1!20e1!2m6!1s0x88f5094c0a398e9b%3A0x8632236150c09796!2sHighland+Financial+Group!4m2!3d33.8520311!4d-84.3662805!5e0!11e11!13m12!2sa!14b1!18m5!6b0!9b1!20b1!21b1!22b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!19u87!3m12!2sde-DE!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0!23i1379903&client=google-maps-embed&token=55324

Requested by

Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

53523c33c0478109a2d35bc029f17a97cda5af7acbf53308daae7b98aefeeac5

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3313.4599447708474!2d-84.36846918585307!3d33.852035535703536!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x88f5094c0a398e9b%3A0x8632236150c09796!2sHighland+Financial+Group!5e0!3m2!1sen!2sus!4v1499961542395
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:23 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13943
x-xss-protection: 0
x-server-version-bin: CggIBBCL/7efBgoICAUQk8KnnwY=
server: scaffolding on HTTPServer2
etag: 02e9f5cb7b55b16b5
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=300
expires: Tue, 21 Feb 2023 12:58:23 GMT

GET
H2 200 vt Show response
www.google.com/maps/ Frame F8BF 7 KB
2 KB 126ms
126ms XHR
application/json 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/vt?pb=!1m4!1m3!1i15!2i8704!3i13105!1m4!1m3!1i15!2i8705!3i13105!1m4!1m3!1i15!2i8704!3i13106!1m4!1m3!1i15!2i8705!3i13106!2m3!1e0!2sm!3i634373623!2m36!1e2!2sspotlight!5i1!8m32!1m2!12m1!20e1!2m6!1s0x88f5094c0a398e9b%3A0x8632236150c09796!2sHighland+Financial+Group!4m2!3d33.8520311!4d-84.3662805!5e0!11e11!13m12!2sa!14b1!18m5!6b0!9b1!20b1!21b1!22b1!22m3!6e2!7e3!8e2!19u12!19u14!19u29!19u37!19u30!19u61!19u70!19u87!3m12!2sde-DE!3sUS!5e289!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e3!12m1!5b1!23i1379903&client=google-maps-embed&token=16135

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/util.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

215c4f2e5de836fd8861b35308d892d442710e8ccc214ef168075db3d8f2145b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3313.4599447708474!2d-84.36846918585307!3d33.852035535703536!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x88f5094c0a398e9b%3A0x8632236150c09796!2sHighland+Financial+Group!5e0!3m2!1sen!2sus!4v1499961542395
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:23 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1824
x-xss-protection: 0
x-server-version-bin: CggIBBCL/7efBgoICAUQk8KnnwY=
server: scaffolding on HTTPServer2
etag: 012be8c914cd14ac0
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: private, max-age=300
expires: Tue, 21 Feb 2023 12:53:23 GMT

GET
H3 200 QuotaService.RecordEvent Show response
maps.googleapis.com/maps/api/js/ Frame F8BF 62 B
83 B 18ms
18ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7se8z69b&10e1&11b0&callback=_xdc_._3lrvy3&client=google-maps-embed&token=85557

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

2e347b11f5ceee93a8007a5d5a35953b3933ea089180f8ad839b112f7e2fcb76

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 12:53:23 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 tururu.mp3
widget-v4.tidiochat.com// Frame 917F 7 KB
7 KB 15ms
15ms Media
audio/mpeg 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com//tururu.mp3
Requested by: Host: highlandfinancialgrp.com
URL: https://highlandfinancialgrp.com/good-bye/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 21 Feb 2023 12:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 578562
Content-Range: bytes 0-7223/7224
Content-Length: 7224
pragma: public
last-modified: Tue, 14 Feb 2023 10:23:04 GMT
server: cloudflare
etag: "63eb6108-1c38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SOZT4kZOzRMs%2BAYObNEoKosCeQ98GZfcSkJH%2FsyMMwNlJwbFW7nqh3MYSxazmJkZD3FgQAzDbn3SKlEjsp6wwQiaDnZcj4O%2B06Mcdz5LOH0RWnXaVgFWP80GbZZnyFbuW7dGJdmj14X%2BpioktuQjxANHgiL"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=31536000
cf-ray: 79cf9fe45e719b88-FRA
expires: Tue, 28 Feb 2023 20:10:41 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 98ms
21ms Script
text/javascript 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/provely-public/w/provely-2.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 409971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 19:00:32 GMT

POST
H2 200 campaign Show response
app.provely.io/api/campaigns/25699/ 681 B
573 B 440ms
234ms XHR
application/json 52.6.176.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.provely.io/api/campaigns/25699/campaign
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.176.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-176-11.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f4d8ba2b0eb874f56c3914525407ca402c9311c1344a4479dcc2b2279ff55b1d

Request headers

Accept: */*
Referer: https://highlandfinancialgrp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 21 Feb 2023 12:53:23 GMT
content-encoding: gzip
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://highlandfinancialgrp.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame 0628 27 KB
27 KB 22ms
22ms Font
font/woff2 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8

Request headers

Referer
Origin: https://highlandfinancialgrp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:23 GMT
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 13:03:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 209
etag: "63ecd817-6b08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2B30DVppU74ZJ2BmQPtm1BZOUK1up769F1qUAaFxr0Rr8OoSeU9V%2FxWvsW6Yn3Ymm3dZYDlQ7L1wJkv7CS1xTuzNS9OL9FRBZZUKykU%2FVojsCMfQJX47pcpGizO9zBrVA3m2xb%2BLReL%2FVUXHEE%2B8%2F7RQN6UK"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 79cf9fe64b3390ae-FRA
content-length: 27400

GET
H/1.1 200
OK 2352b86e-01be-41a9-bb0d-9ed6288c67cc.jpg
tidio-images-messenger.s3.amazonaws.com/nzuuc2cogunhhq2cupw5wccne2kdyeem/images/ Frame 0628 128 KB
128 KB 341ms
118ms Image
image/jpeg 52.217.167.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tidio-images-messenger.s3.amazonaws.com/nzuuc2cogunhhq2cupw5wccne2kdyeem/images/2352b86e-01be-41a9-bb0d-9ed6288c67cc.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.167.233 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 19984d8ba5811dd5a17d8b48f733cfab0c272c6c80ce7a6132a62930460cb856

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 12:53:24 GMT
Last-Modified: Mon, 26 Jul 2021 01:47:14 GMT
Server: AmazonS3
x-amz-request-id: 4MFR0SF8QRQC6GXS
ETag: "640aab377839aeb3806334c68424e6e0"
x-amz-meta-projectpublickey: nzuuc2cogunhhq2cupw5wccne2kdyeem
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 131012
x-amz-id-2: nDHFbBCjbkjejawpYeickdEWS0LBShwZrjPMNv248BPqXj6EPke7ybeaudYWTvlt4FixphvJZdE=

GET
H2 200 405eadbf2a29ad3a36ded413dffa6b5a.jpg
avatars.tidiochat.com/ Frame 0628 6 KB
7 KB 36ms
22ms Image
image/jpeg 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.tidiochat.com/405eadbf2a29ad3a36ded413dffa6b5a.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0253f3c3aef5e9372406eaf7d753eb0186928ca8529deababd4f7bc195696f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 8S2JAK4DJ3VN2N0G
age: 209
x-amz-meta-projectpublickey: nzuuc2cogunhhq2cupw5wccne2kdyeem
content-length: 6553
x-amz-id-2: Ao6+ISDRFcyJcWTbktmyjPV5ILWMJuKerCXX+wy1Uk2z5dm6X/lupAcZo1ucZZobKv9fd4gQK34=
cf-bgj: h2pri
last-modified: Fri, 26 Feb 2021 00:39:01 GMT
server: cloudflare
etag: "9a4af499deb2315a5b6c209cc8e1edf0"
vary: Accept-Encoding
x-amz-meta-type: image
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mPFU6W%2BbymGA3n3xU9dy7Q0PKlYx1Bsu52utQUtJYHdOWpz0HkNuFFEXc%2BReivzEV5RT6J1bYUAPJOvAq2AIaYVCKVt5NVTyAP9mmTN6iM%2Fl0pxNTAcZtgKZdCID0tywtpxBh9RmkyaTHxDtEQeClkugQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 79cf9fe6bb139b88-FRA

GET
DATA 200
OK truncated
/ Frame 0628 403 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c4a32b34a0c9bd8aea9028c241a143c1ce48c5099d487404d28ad551fb69104

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1f44b.png
cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/ Frame 0628 1 KB
2 KB 37ms
15ms Image
image/png 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/1f44b.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 398399
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1224
last-modified: Sat, 19 Dec 2020 02:18:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fdd6306-505"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFBsPRTuiKmUnyRWqf2UImD2ac5o2ZXSfFbsWZ9llcNarpql3tPstx0iNgehSo%2BCNBxU%2BIDe4TE9yC8oZUnngf83FSCMoODE04EJeHjhO85sL%2FDbQyTvQlz6gBUJ%2FjFUMjIdLe7x32L1NRo6Nbh6fOIr"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79cf9fe6cd932be9-FRA
expires: Sun, 11 Feb 2024 12:53:23 GMT

GET
H3 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/ Frame F8BF 91 KB
27 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42afe43f031965b42b1f2a5de80d96abe820c0563619b7367fd1cdc9e1e347a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 20:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27978
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 00:21:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 20:13:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F8BF 302 B
695 B 43ms
18ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=de

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/util.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3fb3f4f18d94f4bcc3dbf87e16bd68982e85b46458a261f79c0e5c1852fd579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Feb 2023 12:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 12:39:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Feb 2023 12:53:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F8BF 22 KB
1 KB 44ms
19ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=de

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/util.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02cc4d65c2d4404bdabb9d0aa0c271af9a4cfa4c2d2a8d1dc52cae413bf1daf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Feb 2023 12:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 12:30:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Feb 2023 12:53:23 GMT

GET
DATA 200
OK truncated
/ Frame F8BF 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 624be3bf55395ccdba7de5bed135b256b891ca3659b73a8c6559cfeff76b4eb4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F8BF 638 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96827d119793d3b1f43be25de0a51e3fb1d6000412725f6c16171a6be280cd38

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F8BF 170 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e21f21ceee588a5075937d9c86ce41c2035489f6a33e612332919f001f506e43

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F8BF 170 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44f6af983bb8ac6c2ad7932b4f2e34afe733e6b0249731bdee1eab73aaf547e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F8BF 170 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f19e80109c6b75e5a71833046247e1c120e9503028def5e62983bc8f97cde6ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F8BF 120 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 863fd75928da215976eb773b7a5fa8a5b680ed4a2feede49c912fb41c50a99c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F8BF 120 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 306ca53db6fc90ca7241d690f151bfc8db6b55c8f2de5d878a268fe6e7d3754a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F8BF 120 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccc291db38afc31c01ee7cea2f23d396deff81e172a6285faa672cca41e6e86a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F8BF 123 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 495beca2bdc18adfe4394c8048a0ea36681b8c4d6f023c624b387818c8a968cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F8BF 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d39e44c97654457b55157f95b65e8af14f655fdb5319159b8135780f7eee005

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F8BF 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea3a3424497eb1c906f646385dcfe1f9465edd6f5428dc3240063cfccaaf7fa5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F8BF 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a647a0c3cdf71c5fa9d1d5485f78905cac9e6cc70d4dc09dd994f056a80461e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F8BF 107 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a670ebf8c45333dfbe0c9142945e348b6d56b7e3478ca0d596b6f891158836a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F8BF 15 KB
16 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 427667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 14:05:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F8BF 16 KB
16 KB 29ms
9ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 16:22:50 GMT
x-content-type-options: nosniff
age: 505833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 16:22:50 GMT

GET
H3 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ Frame F8BF 5 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d33.83552260390554&2d-84.38674032238582&2m2&1d33.86911001306757&2d-84.34665212435371&2u12&4sde-DE&5e2&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._g9q2fw&client=google-maps-embed&token=80229

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

e04498a03122e477573057f4902330a2901e117f0cb18944d48d67c20dcd0691

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 12:53:23 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 QuotaService.RecordEvent Show response
maps.googleapis.com/maps/api/js/ Frame F8BF 62 B
83 B 17ms
17ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7se8z6p9&10e1&11b0&callback=_xdc_._aek5vc&client=google-maps-embed&token=49764

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/52/1/intl/de_ALL/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

0ae050567ba13c7f1254485f5b5c6996486ee5a3d9f8eb6ba563a6c26610fbf8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 12:53:23 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=10
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 kh
khms0.googleapis.com/ Frame F8BF 23 KB
23 KB 53ms
17ms Image
image/jpeg 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://khms0.googleapis.com/kh?v=941&hl=de-DE&x=1088&y=1638&z=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

c382a49205dae974dbaaafc3b4377668f5b65f4bfa16a5df171d7978831aab7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23450
x-xss-protection: 0
expires: Wed, 21 Feb 2024 12:53:23 GMT

GET
H2 200 animate.css
app.provely.io/legacy/ 27 KB
3 KB 305ms
102ms Stylesheet
text/css 52.6.176.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.provely.io/legacy/animate.css
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/provely-public/w/provely-2.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.176.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-176-11.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0198dc698ac62fd511345604845616ef66d5cef790383504f2d4ecc23890d240

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://highlandfinancialgrp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 12:53:24 GMT
content-encoding: gzip
last-modified: Fri, 10 Feb 2023 00:22:20 GMT
server: nginx
etag: W/"63e58e3c-6ae6"
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			highlandfinancialgrp.com/	1970-01-20 18:35:20	Name: cookielawinfo-checkbox-necessary Value: yes
			highlandfinancialgrp.com/	1970-01-20 18:35:20	Name: cookielawinfo-checkbox-non-necessary Value: yes

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: about:blank Message: The resource https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.provely.io
avatars.tidiochat.com
cdnjs.cloudflare.com
code.tidio.co
fonts.googleapis.com
fonts.gstatic.com
highlandfinancialgrp.com
khms0.googleapis.com
maps.googleapis.com
maps.gstatic.com
s3.amazonaws.com
tidio-images-messenger.s3.amazonaws.com
widget-v4.tidiochat.com
www.google.com
104.26.8.183
148.72.8.123
2606:4700:20::ac43:4703
2606:4700::6811:180e
2a00:1450:4001:803::200a
2a00:1450:4001:809::200a
2a00:1450:4001:811::2003
2a00:1450:4001:827::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2004
2a00:1450:400d:80d::200a
52.217.167.233
52.217.76.238
52.6.176.11
007651dbf596dc66b447b1512e5956977e667d3c801e3032782df7d8867936c4
0198dc698ac62fd511345604845616ef66d5cef790383504f2d4ecc23890d240
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02cc4d65c2d4404bdabb9d0aa0c271af9a4cfa4c2d2a8d1dc52cae413bf1daf3
0a929c0d354c1509e9996481370970899205b2c1abcc964f4a34a94e5de9c346
0ae050567ba13c7f1254485f5b5c6996486ee5a3d9f8eb6ba563a6c26610fbf8
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
1834c3da2fabdef10d97e16658295065d7bc5d93f6cbaa4e76da206e74f9dc78
18e4c73a0a195433516f41fa6cf708e88f7c48d1efc549d15b3782b6fde7ef89
19984d8ba5811dd5a17d8b48f733cfab0c272c6c80ce7a6132a62930460cb856
1d39e44c97654457b55157f95b65e8af14f655fdb5319159b8135780f7eee005
215c4f2e5de836fd8861b35308d892d442710e8ccc214ef168075db3d8f2145b
22c851d5f36813ff8cbb4ab0d16273aa1eb536f84f2c56b53df8d2c7a54479a4
2650381b0abcf47a01f03e0e6d1d8785af9252dc7d731dcd7d14e7ac88dade04
2a71d14cea1c3c9aa7a217f8d053955ef35812b2c8446f01199bcc78eb52d3ef
2e347b11f5ceee93a8007a5d5a35953b3933ea089180f8ad839b112f7e2fcb76
306ca53db6fc90ca7241d690f151bfc8db6b55c8f2de5d878a268fe6e7d3754a
33edb620b81a07506bef700f4829db420709846a992e802f45d86a9b184a6d63
34429b1c4e66ecd0783aca2ebe97823e859e6d2872c0ee73a7db408ac495d165
3fb3f4f18d94f4bcc3dbf87e16bd68982e85b46458a261f79c0e5c1852fd579e
42afe43f031965b42b1f2a5de80d96abe820c0563619b7367fd1cdc9e1e347a8
44f6af983bb8ac6c2ad7932b4f2e34afe733e6b0249731bdee1eab73aaf547e7
495beca2bdc18adfe4394c8048a0ea36681b8c4d6f023c624b387818c8a968cc
49e3dabfd5fb9a19d057d0fe49102c8170ddef0cc1743e705a314a4e1f0f73a0
4c4a32b34a0c9bd8aea9028c241a143c1ce48c5099d487404d28ad551fb69104
5223bb193ac73918b53434ee625b4d5409b4d5b5124ca19d890071ff17f0a0c5
53523c33c0478109a2d35bc029f17a97cda5af7acbf53308daae7b98aefeeac5
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8
5a670ebf8c45333dfbe0c9142945e348b6d56b7e3478ca0d596b6f891158836a
5b7cf2e9a80f496ad0b7673b4228631a2262599454e1d420cd262d72ec087fdd
5d43714f050311083dee6a58ccbb27aa1883bce45ed80f11012f0ce37eb32b7c
5da1360295132675024820ab37f9bc1c658f6b900180906ec44125f8127f762e
624be3bf55395ccdba7de5bed135b256b891ca3659b73a8c6559cfeff76b4eb4
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
6828300d5b79d0f302a4592359059d88c8ab8b55ec1892e90495fb8c4c00f7c2
68dd7dd72dd47f439cb0947c37c4216e1c24769cf7ac4db649c26ea628008c0b
6a647a0c3cdf71c5fa9d1d5485f78905cac9e6cc70d4dc09dd994f056a80461e
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
75a18ff6c9f361ac782380effe66dab49ccb0d5a1759b9900bff06d46c9ad740
75bca4214791d880e2e0b1983c848365ad5d09e331a75f3f98c4a5d853e5bedd
7c610d4c965ec9c40d92ae638cb7caa6f01845cfb3153af07cf053ba0841a943
863fd75928da215976eb773b7a5fa8a5b680ed4a2feede49c912fb41c50a99c1
866502701b3005a553ca2ef331f714349ab805c9dcca66c7e750d048a32b33d0
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88cc963087f36b037c5fc4371811504bd7d2e44aa8a0db0c5fe06e9738e1111c
93eb1fedbfd3b6d72d2b1ed0940da84a6a4d369bb0f48730b74e1121811e17c9
96827d119793d3b1f43be25de0a51e3fb1d6000412725f6c16171a6be280cd38
9685709dbc5d7f5f167d8aad50e1fb701b6ebe6f307086a3a8783e09f9988124
9b24beb80353525a9e3bdf8e8e2f8e5162d81690396d184328038009af053c27
a188fbb8b61131f413fca2b8b1978c33cb89e7a3210dfb665bc8a290d1280c85
a454a2f6c753dfa1f31cc7f4a732dc5e81f523c265c4e2cd0350b8e5218c3028
a7a86c113b0a44a7ff027f517644b295d4ab2f6de663c8faced1c35ffcdc2079
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b11f0e99e5953681749ca4ad11699cadf46c90a561f2e7543123a83fb55f3ab5
b74a4a83f0b6ee52334e2cf2119fb930852a31a805de30c2eb9088235fb492c4
b7b764d39a628eb68e0435b1f89ce33b1a8b297a98f517653fc1ba37677c03b7
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c0253f3c3aef5e9372406eaf7d753eb0186928ca8529deababd4f7bc195696f8
c382a49205dae974dbaaafc3b4377668f5b65f4bfa16a5df171d7978831aab7d
c953f80cf0bb98945638528f71bafd7e837aac873b241533013b5170535e78fd
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb6d40a53f0decda2c464eae0617970c98d792a08137c79501424bc620b28d3b
ccc291db38afc31c01ee7cea2f23d396deff81e172a6285faa672cca41e6e86a
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
e04498a03122e477573057f4902330a2901e117f0cb18944d48d67c20dcd0691
e21f21ceee588a5075937d9c86ce41c2035489f6a33e612332919f001f506e43
e367fa329ea832bb95d3b65639677879f70fa7e77a2953a99b3f88b6114cb0fe
ea3a3424497eb1c906f646385dcfe1f9465edd6f5428dc3240063cfccaaf7fa5
f19e80109c6b75e5a71833046247e1c120e9503028def5e62983bc8f97cde6ae
f4d8ba2b0eb874f56c3914525407ca402c9311c1344a4479dcc2b2279ff55b1d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f72fedfff31f1ae6250bf47c8425ced3bb21ea3a0cd0a4ea02318aa50a4fe853
f7f639c14daca92fe9f66f08d4ef076d2413eb99dbc35129158de1814d1d7c91
f82500cab210326df5603494d49d3fab377c5beffe021934c121f2fb663bd41b
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
fe4a54844495b5ea28b5813e3c2baa18da12c9c9d1ca6d130973f50aec64be15

highlandfinancialgrp.com Open in urlscan Pro 148.72.8.123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

67 Requests

99 %HTTPS

64 %IPv6

9 Domains

15 Subdomains

14 IPs

3 Countries

1565 kBTransfer

4630 kBSize

2 Cookies

3 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

highlandfinancialgrp.com Open in urlscan Pro
148.72.8.123 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

99 %
HTTPS

64 %
IPv6

9
Domains

15
Subdomains

14
IPs

3
Countries

1565 kB
Transfer

4630 kB
Size

2
Cookies

67 HTTP transactions
15 data transactions